jonesy2k
asked on
resolving whole domains to a single IP with bind
hi,
I'm looking to map every possible hostname in a domain to a single IP address eg:
i have a domain name sdf.com and i want any host within this domain to resolve to 12.12.12.12 so,
nslookup fsdf.sdf.com returns 12.12.12.12
as would sdfasdf.sdf.com or d3.sd.sdf.com
does anyone know how to accomplish this with bind?
Cheers,
Andrew.
ajonesatjigsawdotnetdotau
I'm looking to map every possible hostname in a domain to a single IP address eg:
i have a domain name sdf.com and i want any host within this domain to resolve to 12.12.12.12 so,
nslookup fsdf.sdf.com returns 12.12.12.12
as would sdfasdf.sdf.com or d3.sd.sdf.com
does anyone know how to accomplish this with bind?
Cheers,
Andrew.
ajonesatjigsawdotnetdotau
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Okay... That will work as long as they only use your DNS server. A knowlegeable user can simply set their machine to use a DNS server on the Internet and bypass your restriction. Or, even if you block DNS at a firewall so they have to use your DNS server they can create a hosts file record for the site.
That presumes that the ultimate goal is to block folks from using kazaa, gator, or other P2P clients. A better approach, if you want to work off the IP's is to block access to those IP's at a firewall or router. That solution only works for IP's that you know about or TCP/UDP ports that you know. A more complete solution, that works on the content of packets, is somthing like Packeteer or P2P WatchDog (http://www.p2pwatchdog.com/home.html).
That presumes that the ultimate goal is to block folks from using kazaa, gator, or other P2P clients. A better approach, if you want to work off the IP's is to block access to those IP's at a firewall or router. That solution only works for IP's that you know about or TCP/UDP ports that you know. A more complete solution, that works on the content of packets, is somthing like Packeteer or P2P WatchDog (http://www.p2pwatchdog.com/home.html).
ASKER
Thanks.