In January 2010, I posted a diary on how to configure zone files to set up a DNS sinkhole using IPv4 addresses [1]. This updated diary shows how to add IPv6 support to your zone file to sinkhole both IPv4 and IPv6.

Single Hostname (/var/named/sinkhole/client.nowhere)

Wildcard Domain (/var/named/sinkhole/domain.nowhere)

Note: If you are not currently using IPv6 in your network, change the example fec0:0:0:bebb::5 to ::1 (localhost) to prevent 6to4, Teredo, etc. from leaving the network.

To verify your zone files are correctly configured, you can use nslookup to query a hostname or a domain loaded in your sinkhole.

With Windows 7 (note that it shows both IPv4 and IPv6):

C:>nslookup zz87lhfda88.com
Name: zz87lhfda88.com

With Linux, you need to query for the AAAA record explicitly:

guy@seeker:~$ nslookup -q=aaaa zz87lhfda88.com
zz87lhfda88.com has AAAA address fec0:0:0:bebb::5

[1] http://isc.sans.edu/diary.html?storyid=7930

-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu
Community SANS SEC 503 coming to Ottawa Sep 2011
Guy, ISC Handler, Sep 9th 2011
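An added example, not part of the original diary: a Python check that reads a sinkhole zone file and reports names that are sinkholed for IPv4 only (an A record with no AAAA record), plus any AAAA targets other than ::1 for networks that do not use IPv6. The sample zone is constructed, 192.0.2.5 is a placeholder IPv4 sinkhole address, and the parser assumes one record per line with numeric TTLs.

```python
import ipaddress

# Constructed sample zone (not the diary's file). 192.0.2.5 is a placeholder
# IPv4 sinkhole address; fec0:0:0:bebb::5 is the diary's IPv6 example.
DUAL_STACK = """\
$TTL 600
@  IN SOA ns.sinkhole.example. admin.sinkhole.example. ( 1 3600 900 604800 600 )
   IN NS   ns.sinkhole.example.
   IN A    192.0.2.5
   IN AAAA fec0:0:0:bebb::5   ; single hostname (zone apex)
*  IN A    192.0.2.5
*  IN AAAA fec0:0:0:bebb::5   ; wildcard: every name under the domain
"""
# The same zone with its AAAA lines dropped, i.e. an IPv4-only sinkhole.
V4_ONLY = "\n".join(l for l in DUAL_STACK.splitlines() if "AAAA" not in l)


def address_records(zone_text):
    """Map each owner name to its A and AAAA targets (simple zone files only)."""
    records, owner = {}, "@"
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]          # drop comments
        fields = line.split()
        if not fields or fields[0].startswith("$"):
            continue                         # blank line or $TTL/$ORIGIN directive
        if not line[0].isspace():
            owner = fields.pop(0)            # indented lines inherit the owner
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields.pop(0)                    # skip optional TTL and class
        if len(fields) >= 2 and fields[0].upper() in ("A", "AAAA"):
            rtype, addr = fields[0].upper(), ipaddress.ip_address(fields[1])
            if addr.version != (4 if rtype == "A" else 6):
                raise ValueError(f"{owner}: {rtype} record holds {addr}")
            records.setdefault(owner, {"A": [], "AAAA": []})[rtype].append(str(addr))
    return records


def missing_aaaa(zone_text):
    """Owners sinkholed for IPv4 only: an A record but no AAAA record."""
    recs = address_records(zone_text)
    return sorted(o for o, r in recs.items() if r["A"] and not r["AAAA"])


def non_loopback_aaaa(zone_text):
    """AAAA targets other than ::1, to review on a network without IPv6."""
    recs = address_records(zone_text)
    return sorted({a for r in recs.values() for a in r["AAAA"]
                   if not ipaddress.ip_address(a).is_loopback})
```

Run `missing_aaaa()` over each file under the sinkhole directory before reloading the name server; an empty list means every sinkholed name answers both query types.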