Fwd: Re: [Pdns-users] Use recursor to block phishing

2008-08-05 Thread Marlon 
Bert,


Follow the recursor.conf:

# Drop uid
setuid=nobody

# Drop gid
setgid=nobody

# Don't log queries
quiet=on

# Local IP address to bind to
local-address=10.1.1.140

# Local port to bind to
local-port=53

# Change root for safety
chroot=/var/lib/powerdns

# Bloqueia malware
auth-zones=malware=/etc/powerdns/malware

And... follow the log:

Jul 30 07:17:53 [pdns_recursor] PowerDNS recursor 3.1.7 (C) 2001-2008
PowerDNS.COM BV (Jul 20 2008, 23:16:13, gcc 4.2.2 (Gentoo 4.2.2 p1.0))
starting up
Jul 30 07:17:53 [pdns_recursor] PowerDNS comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it according to
the terms of the GPL version 2.
Jul 30 07:17:53 [pdns_recursor] Operating in 64 bits mode
Jul 30 07:17:53 [pdns_recursor] Reading random entropy from '/dev/urandom'
Jul 30 07:17:53 [pdns_recursor] Only allowing queries from: 127.0.0.0/8,
10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fe80::/10
Jul 30 07:17:53 [pdns_recursor] Will not send queries to: 127.0.0.0/8,
10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fe80::/10
Jul 30 07:17:53 [pdns_recursor] Parsing authoritative data for zone
'malware.'
from file '/etc/powerdns/malware'
Jul 30 07:17:53 [pdns_recursor] Inserting rfc 1918 private space zones
Jul 30 07:17:53 [pdns_recursor] Listening for UDP queries on 10.1.1.140:53
Jul 30 07:17:53 [pdns_recursor] Not decreasing socket buffer size from
65536
to 65000
Jul 30 07:17:53 [pdns_recursor] Listening for TCP queries on 10.1.1.140:53
Jul 30 07:17:53 [pdns_recursor] Done priming cache with root hints
Jul 30 07:17:53 [pdns_recursor] Calling daemonize, going to background
Jul 30 07:17:53 [pdns_recursor] Enabled 'epoll' multiplexer
Jul 30 10:17:53 [pdns_recursor] Set effective group id to 65534
Jul 30 10:17:53 [pdns_recursor] Set effective user id to 65534
Jul 30 10:18:01 [pdns_recursor] Refreshed . records

Regards,

Marlon

___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users

___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Use recursor to block phishing

2008-07-29 Thread bert hubert 
On Mon, Jul 28, 2008 at 10:39:04PM -0300, sysadmin wrote:
  Regular zonefile format, with the exception of wildcards.
 I setup recursor to load zone file as follow
 *   IN  A   127.0.0.1

A * is a wildcard - which sadly does not work yet in the powerdns recursor
auth server. However..

 arwen powerdns # cat zone.malware
 zone zonadelafrontera.cl in { type master ; file malware ; } ;

This should simply be:
zonadelafrontera.cl=malware

Which should blank out the domain just fine.

Bert

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://netherlabs.nl  Open and Closed source services
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Use recursor to block phishing

2008-07-29 Thread sysadmin 
 This should simply be:
 zonadelafrontera.cl=malware

this format doesn't work too, the result still the same:

arwen powerdns # dig query zonadelafrontera.cl +short
164.77.228.194


Should I change the format of malware file ?

Do not use the wildcard * ?

Regards,

Marlon

___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Use recursor to block phishing

2008-07-29 Thread bert hubert 
On Tue, Jul 29, 2008 at 07:30:13AM -0300, sysadmin wrote:
  This should simply be:
  zonadelafrontera.cl=malware
 
 this format doesn't work too, the result still the same:

Marlon,

Please show your entire recursor configuration - I wonder if your file is
actually being loaded!

Bert

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://netherlabs.nl  Open and Closed source services
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Use recursor to block phishing

2008-07-28 Thread sysadmin 
Hi,

 Regular zonefile format, with the exception of wildcards.

   Bert


I setup recursor to load zone file as follow

recursor.conf:


auth-zones=malware=/etc/powerdns/malware


arwen powerdns # cat malware
$TTL900
@   IN  SOA zone.malware. hostmaster.zone.malware. (
2006102601 10800 3600 604800 86400 )

*   IN  A   127.0.0.1



arwen powerdns # cat zone.malware
zone zonadelafrontera.cl in { type master ; file malware ; } ;


but doesn't worked, when I do 

arwen powerdns # dig query zonadelafrontera.cl +short
164.77.228.194

...should be resolved as 127.0.0.1, right ?


Regards,

Marlon

___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Use recursor to block phishing

2008-07-25 Thread fredrik danerklint 

You can use my NoMoreAds for that. 

http://www.fredan.org/os/

 Hi,

 How I create a zone on recursor to block phishing sites ?

 eg.: point the phishing.com domain to my loopback interface 127.0.0.1

 zone file exemple

 a1964.g.akamai.net.   127.0.0.1
 abakos.com.es.127.0.0.1
 abisource.com.127.0.0.1
 abrarsignage.com. 127.0.0.1
 absi2008.netfirms.com.127.0.0.1
 abssair.no.sapo.pt.   127.0.0.1
 academico.cefetpi.br. 127.0.0.1
 acces-direct.net. 127.0.0.1
 acceso.masminutos.com.127.0.0.1
 acecoti.com.ar.   127.0.0.1
 ad.uu500.com. 127.0.0.1


-- 
//fredan
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Use recursor to block phishing

2008-07-25 Thread bert hubert 
On Fri, Jul 25, 2008 at 09:47:56AM -0300, Marlon wrote:
 How I create a zone on recursor to block phishing sites ?

The other solution that was emailed works as well, but in addition, you can
use the 'auth-zones' in the configuration file to point these domains to a
zone containing nothing but a 127.0.0.1 record.

Good luck!

 
 eg.: point the phishing.com domain to my loopback interface 127.0.0.1
 
 zone file exemple
 
 a1964.g.akamai.net.   127.0.0.1
 abakos.com.es.127.0.0.1
 abisource.com.127.0.0.1
 abrarsignage.com. 127.0.0.1
 absi2008.netfirms.com.127.0.0.1
 abssair.no.sapo.pt.   127.0.0.1
 academico.cefetpi.br. 127.0.0.1
 acces-direct.net. 127.0.0.1
 acceso.masminutos.com.127.0.0.1
 acecoti.com.ar.   127.0.0.1
 ad.uu500.com. 127.0.0.1
 ...
 
 
 regards,
 
 Marlon
 
 ___
 Pdns-users mailing list
 Pdns-users@mailman.powerdns.com
 http://mailman.powerdns.com/mailman/listinfo/pdns-users
 
 
 !DSPAM:4889cc4944895702515455!

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://netherlabs.nl  Open and Closed source services
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Use recursor to block phishing

2008-07-25 Thread Marlon 
([EMAIL PROTECTED])
References: 
 [EMAIL PROTECTED]
([EMAIL PROTECTED])
Message-ID: [EMAIL PROTECTED]
X-Sender: [EMAIL PROTECTED]
User-Agent: RoundCube Webmail/0.1-rc1
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Thank you Fredrik,

I will try NoMoreAds.

On Fri, 25 Jul 2008 14:56:53 +0200, fredrik danerklint
[EMAIL PROTECTED] wrote:
 
 You can use my NoMoreAds for that.
 
 http://www.fredan.org/os/
 
 Hi,

 How I create a zone on recursor to block phishing sites ?

 eg.: point the phishing.com domain to my loopback interface 127.0.0.1

 zone file exemple

 a1964.g.akamai.net.  127.0.0.1
 abakos.com.es.   127.0.0.1
 abisource.com.   127.0.0.1
 abrarsignage.com.127.0.0.1
 absi2008.netfirms.com.   127.0.0.1
 abssair.no.sapo.pt.  127.0.0.1
 academico.cefetpi.br.127.0.0.1
 acces-direct.net.127.0.0.1
 acceso.masminutos.com.   127.0.0.1
 acecoti.com.ar.  127.0.0.1
 ad.uu500.com.127.0.0.1
 
 
 --
 //fredan
 ___
 Pdns-users mailing list
 Pdns-users@mailman.powerdns.com
 http://mailman.powerdns.com/mailman/listinfo/pdns-users

___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Use recursor to block phishing

2008-07-25 Thread Marlon 
([EMAIL PROTECTED])
References: 
 [EMAIL PROTECTED]
([EMAIL PROTECTED])
Message-ID: [EMAIL PROTECTED]
X-Sender: [EMAIL PROTECTED]
User-Agent: RoundCube Webmail/0.1-rc1
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Hi Bert,

 The other solution that was emailed works as well, but in addition, you
 can
 use the 'auth-zones' in the configuration file to point these domains to
a
 zone containing nothing but a 127.0.0.1 record.


Sorry for the newbie question, but what is the format of zone file that
recursor accept ?

I couldn´t find  an example on doc.powerdns.com website

Regards,

Marlon

___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Use recursor to block phishing

2008-07-25 Thread bert hubert 
On Fri, Jul 25, 2008 at 01:14:33PM -0300, Marlon wrote:
 Sorry for the newbie question, but what is the format of zone file that
 recursor accept ?

Regular zonefile format, with the exception of wildcards.

Bert

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://netherlabs.nl  Open and Closed source services
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users