Hi, A countermeasure would be just blackholing "sidear.cn".
# queries for sidear.cn is just dropped and generates no answer. local-zone: "sidear.cn" deny - or - # queries for sidear.cn returns REFUSED local-zone: "sidear.cn" refuse ------ Next (current) terget is yahoo.com ? $ dig @a.dns.cn sidear.cn ;; QUESTION SECTION: ;sidear.cn. IN A ;; AUTHORITY SECTION: sidear.cn. 86400 IN NS ns2.yahoo.com. sidear.cn. 86400 IN NS ns1.yahoo.com. -- Daisuke HIGASHI _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
