[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sheflug] Any DNS Experts around........



On Tue, 2003-03-11 at 18:48, Rob Keeling wrote:
> What I now want to do is "poison" the DNS cache with various entries for
> other (random) domain names.

When you think this is the solution, you know you are wrong. Repeat
after me - "Yuck!"

> eg My laptop wants to send email to smtp.freeserve.net, which is right for
> home at school I need it to connect via our
> school email server. If DNS returned our internal IP for smtp.freeserve.net
> ..... problem solved!

No, problem not solved. For you to 'poison' smtp.freeserve.net means you
would have to be authoritative for freeserve.net, so you would either
have to a) live with sites in that domain not working, b) replicate
their entire zone, c) try to forward the 'correct' requests.

All of which are horrible 'solutions'.

What you ought to do is setup DNS at both home and school, and get your
mail from 'robmail.robsdomain' or something - and have that resolve to
two different things/CNAMEs in different places. 

> I also want to divert various web pages so that I can add additional web
> filtering to our system with out having to secondary proxy things.

That will break lots of things without you realising, and is not the way
to do filtering (after all, if the kids know the ip address, they still
get through some of the time). I'm not sure what you mean by a
'secondary proxy' though - are you saying you want to filter content
without having a filter in place? Is there something specific you're
trying to achieve here?

Cheers,

Alex.

Attachment: signature.asc
Description: This is a digitally signed message part