Given the recent cockup by verisign, I thought I'd reconfigure my name
server so it only resolves existing names. I've done this by declaring
all the name servers which respond to invalid queries as invalid by
adding this to /etc/bind/named.conf (bind 8.3.4-4). This has probably
left a hole in my DNS big enough to fit one of Iain M Bank's
Superlifters through, but I've not had any problems yet with a wide
selection of sites. Even better, I haven't had to patch and recompile
anything or wait for upstream fixes :-)
server 192.35.51.30 {
bogus "yes";
};
server 192.5.6.30 {
bogus "yes";
};
server 192.12.94.30 {
bogus "yes";
};
server 192.33.14.30 {
bogus "yes";
};
server 192.42.93.30 {
bogus "yes";
};
server 192.43.172.30 {
bogus "yes";
};
server 192.41.162.30 {
bogus "yes";
};
server 192.31.80.30 {
bogus "yes";
};
server 192.55.83.30 {
bogus "yes";
};
server 192.54.112.30 {
bogus "yes";
};
server 192.26.92.30 {
bogus "yes";
};
server 192.52.178.30 {
bogus "yes";
};
--
Stephen Patterson http://patter.mine.nu/
[EMAIL PROTECTED] remove SPAM to reply
Linux Counter No: 142831 GPG Public key: 252B8B37
Last one down the pub's an MCSE
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
