Re: How Do I block DNS Update Attempts
Brad Olin wrote:
> Not true if he is authoritative on one or more domains on the lookup of
> those domains. To paraphrase the process... The process starts by the
> client contacting the tld server, then based on that reply, the client
> contacts the authoritative dns server(s). If his dns server is the
> authoritative server, and he blocks the requesting IP, then the
> domain(s) he serves would be broken for that IP/address range.
You are correct, *if* this particular client is running their own
nameserver. And that right there is part of the problem; some Verizon
client is running their own nameserver and is running amok with update
requests and he'd like to block it.
>
> Your assumption is fine if he has a caching only server.
As well as the scads of other clients that are just ordinary dial-up users.
>
>
>>Unfortunately, the offending single user probably would shift around the
>>assigned address, so IPTABLE would be an action of last resort.
>
>
> True if it's a malicious intent. It could be just a poorly configured
> box.
I lean toward the latter. The only malicious update intent I've seen
was toward Windows DNS machines that allowed people to poison the cache
and do such nasties as point all requests to some porn site.
--
WWJD? JWRTFM
Rot13 for email address: yvfgf @ ehqa.pbz
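The thread's practical problem is telling one client that is "running amok with update requests" apart from the ordinary resolver traffic from the same address range, without blocking everyone. The following added example (not part of the original thread or any poster's code) shows the defender-side check: parse the DNS header, keep only request messages whose opcode is UPDATE (opcode 5, RFC 2136), and tally them per source address so that a threshold identifies the noisy host. The packets, addresses (from the 192.0.2.0/24 documentation range) and the threshold value are constructed for the example.

```python
import struct
from collections import Counter

DNS_OPCODE_UPDATE = 5   # RFC 2136 dynamic update opcode
DNS_HEADER_LEN = 12     # ID, flags, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT


def build_header(txn_id, opcode, qr=0):
    """Build a bare 12-byte DNS header (constructed sample data; no question section)."""
    flags = ((qr & 1) << 15) | ((opcode & 0xF) << 11)
    return struct.pack("!HHHHHH", txn_id, flags, 1, 0, 0, 0)


def parse_header(payload):
    """Return (qr, opcode) for a DNS message, or None if it is too short to hold a header."""
    if len(payload) < DNS_HEADER_LEN:
        return None
    _txn_id, flags = struct.unpack("!HH", payload[:4])
    qr = (flags >> 15) & 1          # 0 = request, 1 = response
    opcode = (flags >> 11) & 0xF    # 0 = QUERY, 5 = UPDATE
    return qr, opcode


def count_update_requests(samples):
    """Tally UPDATE requests per source address; responses and other opcodes are ignored."""
    tally = Counter()
    for src, payload in samples:
        hdr = parse_header(payload)
        if hdr is None:
            continue                # truncated datagram, nothing to classify
        qr, opcode = hdr
        if qr == 0 and opcode == DNS_OPCODE_UPDATE:
            tally[src] += 1
    return tally


def sources_over_threshold(tally, threshold):
    """Sources whose UPDATE request count reaches the threshold, sorted for stable output."""
    return sorted(src for src, n in tally.items() if n >= threshold)


# Constructed sample traffic: (source address, raw DNS message bytes).
SAMPLES = [
    ("192.0.2.10", build_header(0x1001, 0)),        # ordinary lookup
    ("192.0.2.77", build_header(0x2001, 5)),        # dynamic update attempt
    ("192.0.2.77", build_header(0x2002, 5)),
    ("192.0.2.77", build_header(0x2003, 5, qr=1)),  # an UPDATE *response*, not counted
    ("192.0.2.77", build_header(0x2004, 5)),
    ("192.0.2.55", build_header(0x3001, 5)),        # a single stray update, below threshold
    ("192.0.2.10", build_header(0x1002, 0)),
    ("192.0.2.99", b"\x00\x01"),                    # truncated datagram, skipped
]

if __name__ == "__main__":
    counts = count_update_requests(SAMPLES)
    print(dict(counts))
    print("candidates:", sources_over_threshold(counts, threshold=2))
```

Tallying by source is only a triage step, since, as the thread notes, the offending host can move to another dial-up address. The durable fix is on the server side: refusing dynamic updates in the nameserver configuration (for BIND, `allow-update { none; };` on the zone) makes the requests harmless regardless of where they come from, and the count above then just tells you whom to contact.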