----- Original Message ----- From: "[K][R][Y][P][T][O][N]" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, July 18, 2002 6:05 PM Subject: [plug] Blocking an entire Domain
> > Good day to all! > I would like to seek some advice on how to block an entire domain that: > 1. messages / sends email on my domain. > 2. block the url of a specific domain so that all my workstations cant view > that site. I got a funny solution for this. It will work if your gateway is a dns server and if the workstations are using that gateway as the dns to resolve hostnames. Assuming you don't want your users to go microsoft.com: 1. add a microsoft.com zone file on your dns server and other things there, you know it! 2. and it should be pointing to 127.0.0.1. 3. you got to send HUP signal to your named daemon So what do we gain from this kind of configuration? 1. When someone tries to go to the www.microsoft.com, your dns will send back the reply of 127.0.0.1. Your workstations now will be pointing to itself. Does it make sense? :) But if one of your user knows something about how Internet works, he can just find other available dns servers out there. This is where your ipchains/iptables come in. I also used this solution in my Apache httpd.conf. So everytime my apache receives a traffic w/c is a IIS unicode attack, redirect to 127.0.0.1 :) I also used this technique in my hosts file RE banners/ads :) Hope this helps... a nice exercise too :) Onie _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
