General discussion

Locked

How to make false DNS entries

By twest ·
I run a DNS server Linux using BIND 9.1.1. It acts as a caching DNS server from the Internet, but it is the primary nameserver for our company domain. I want to set up DNS entries for login.oscar.aol.com and the login server for yahoo chat and ircchat that will resolve to bogus IP addresses. By doing so, I hope to thwart the continued use of chat inside the company network by causing these applications to fail to initialize because of the inability to reach the login servers. My question is, how do I set up these bogus DNS entries, when I don't own the domains in question. Also, I want to be able to do this without affecting the other valid destinations from the domains in question. In other words, I want to give false DNS lookups for the yahoo chat server, but not its mail server or web site or any other valid destination that might be part of the yahoo domain.

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

How to make false DNS entries

by lee.read In reply to How to make false DNS ent ...

I think doing this using DNS may not be the best way solve your problem. The only way I think you would be able to do it is to make your server the master for the domain. This won't effect anyone on the net but will make added work for yourself asyou will have to keep changing records on DNS as yahoo make changes to their network. As you are a company and are on the net I'm assuming you have a firewall or something similar, why not tell the firewall(or whatever) not to route traffic to these certain IP addesses. Better still block access to the ports altogether.

Collapse -

How to make false DNS entries

by twest In reply to How to make false DNS ent ...

I have already tried making my DNS server the local master for the aol domain. You are correct in your assessment that this is too much work to maintain. Therefore I was looking for a way just to resolve the few hosts in question, if it is possible. It is possible to block the traffic at the firewall, but I have discovered that some chat services (aol and yahoo in particular) randomly and dynamically establish the ports they use on a per session basis. I have also tried blocking the IP addresses, but have found the these hosts resolve to several IP addresses apiece. Therefore, I thought if I could find an easy way to do this, I would kill it with one step.

Collapse -

How to make false DNS entries

by Stillatit In reply to How to make false DNS ent ...

Whether you can do this with DNS depends on whether the users are using your dns server. If you put in a CNAME record that points a fully-qualified-domain-name (with a . at the end) to, say, 127.0.0.1, that will prevent your DNS server from looking up the real address (since it has it in cache).

If the user is not too bright, you could put an entry in their HOSTS file, pointing the name to 127.0.0.1.

If the user is fairly bright, he can simply use another dns server or remove the HOSTS entry, so neither of these is a sure thing.

If this is a big problem, you may want to treat it as an employee (people) problem rather than a technical problem. A policy issued from the powers-on-high which forbids chat on company machines would get rid of most of the usage. As for the rest, when you notice chat happening, a word to the user or to a supervisor should then be sufficient to stop the activity.

Good luck.

Collapse -

How to make false DNS entries

by twest In reply to How to make false DNS ent ...

Poster rated this answer

Collapse -

How to make false DNS entries

by twest In reply to How to make false DNS ent ...

This question was closed by the author

Back to Linux Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums