On 10/25/2018 06:26 PM, Lee wrote:
If you're using those addresses internally it makes sense to filter them
from 'outside'.
That's what I thought.
I play those games at times also :) So it sounds like what I was
missing is that you like a challenge & are using more address space that
I thou
On 10/25/18, Grant Taylor via bind-users wrote:
> On 10/25/2018 03:25 PM, Lee wrote:
>
>> I'm missing what filtering out things like benchmarking & documentation
>> network addrs gets you beyond maybe saving some bandwidth?
>
> I do use all sorts of IP ranges (test networks extensively) in my home
On 10/25/2018 03:25 PM, Lee wrote:
I feel like I'm missing something :(
I'll see if I can fill in below.
I read this
https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325
and used RPZ to block anything coming from outside that might be
On 10/24/18, Grant Taylor via bind-users wrote:
> On 08/09/2018 01:01 AM, Lee wrote:
>> it does, so you have to flag your local zones as rpz-passthru.
>
> Thank you again Lee. You gave me exactly what I needed and wanted to know.
you're welcome :)
> I finally got around to configuring my RPZ to
On 08/09/2018 01:01 AM, Lee wrote:
it does, so you have to flag your local zones as rpz-passthru.
Thank you again Lee. You gave me exactly what I needed and wanted to know.
I finally got around to configuring my RPZ to filter IPv4
Special-Purpose Address Registry as per IANA's definition.
(
Well this is valid when users are directly talking to RPZ servers. What if
there is one more resolver in between like Active Directory which itself
acts as a DNS server? In that case I believe you don't need to do that,
right?
On Fri, Aug 10, 2018 at 12:33 AM Grant Taylor via bind-users <
bind-use
On 08/09/2018 01:01 AM, Lee wrote:
yes, it works just fine
Good.
it does, so you have to flag your local zones as rpz-passthru. eg:
*.home.net CNAME rpz-passthru.
localhost CNAME rpz-passthru.
8.0.0.0.127.rpz-ip CNAME . ; 127.0.0.0/8
8.0.0.0.10.rp
On 8/9/18, Grant Taylor via bind-users wrote:
> On 08/08/2018 10:02 PM, Blason R wrote:
>> Due to the architecture since I have my internal DNS RPZ built I wanted
>> my other internal DNS servers should send traffic to RPZ server and
>> then RPZ would resolve on behalf of client.
>
> Speaking of
On 08/08/2018 10:02 PM, Blason R wrote:
Due to the architecture since I have my internal DNS RPZ built I wanted
my other internal DNS servers should send traffic to RPZ server and
then RPZ would resolve on behalf of client.
Speaking of PRZ and forwarding…
Does anyone know off hand if BIND, w
Hi there,
Due to the architecture since I have my internal DNS RPZ built I wanted my
other internal DNS servers should send traffic to RPZ server and then RPZ
would resolve on behalf of client.
Client --->DNS AUTH Server for xyz.com===> Fporwarder ==> 192.168.3.44===>
INTERNET
On Wed, Aug 8, 20
On 08.08.18 19:32, Blason R wrote:
I am bit confused about DNS forwarders. I have two BIND Servers one is
being used as Authoritative DNS server which has forwarder set
why?
to other
server like this
Auth Server for xvyz.com 192.168.3.15
Recursive Server 192.168.3.44
Now if I am debugging
In article ,
Blason R wrote:
> Hi there,
>
> I am bit confused about DNS forwarders. I have two BIND Servers one is
> being used as Authoritative DNS server which has forwarder set to other
> server like this
>
> Auth Server for xvyz.com 192.168.3.15
> Recursive Server 192.168.3.44
>
> Now i
Hi there,
I am bit confused about DNS forwarders. I have two BIND Servers one is
being used as Authoritative DNS server which has forwarder set to other
server like this
Auth Server for xvyz.com 192.168.3.15
Recursive Server 192.168.3.44
Now if I am debugging from client side using -debug optio
13 matches
Mail list logo