Re: Domain connections to blackhole-1.iana.org?
From: Tom P. (oldreeboks@yahoo.com)Date: 03/31/02
- Next message: Cybernetics, Monmouth: "eay one!"
- Previous message: Vikash K Agarwal: "Re: two way communication using NAT and port forwarding"
- In reply to: Tilman Schmidt: "Re: Domain connections to blackhole-1.iana.org?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Tom P." <oldreeboks@yahoo.com> Date: Sun, 31 Mar 2002 11:13:46 GMT
"Tilman Schmidt" <Tilman.Schmidt@ePost.de> wrote in message
news:ifgr9ugi1m8bc87b514ru9cbo5t7p4jpaf@4ax.com...
>
> Those are reverse DNS lookups for private IP addresses leaking to the
> Internet from your internal network. blackhole-1.iana.org
> [192.0.32.18, 192.0.32.20] and blackhole-2.iana.org [192.0.32.19] have
> been set up specifically to catch those. They used to return some
> funny hostname (something with "DO.NOT.USE" IIRC) but nowadays they
> just return a NXDOMAIN error. You should configure your name servers
> to answer those queries internally and not leak them to the Internet.
>
<snipped>
> --
> Tilman Schmidt E-Mail: Tilman.Schmidt@ePost.de
> Bonn, Germany
> - In theory, there is no difference between theory and practice.
> In practice, there is.
Tilman,
Tks. I also found a related article,
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q259922 , that seems
to be related but looks like blackhole-1.iana.org has taken over for
blackhole.isi.edu.
Haven't implemented yours/their solutions yet, but it sounds correct. Will
post followup if it doesn't.
-Tom
- Next message: Cybernetics, Monmouth: "eay one!"
- Previous message: Vikash K Agarwal: "Re: two way communication using NAT and port forwarding"
- In reply to: Tilman Schmidt: "Re: Domain connections to blackhole-1.iana.org?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
