Maintained by: NLnet Labs

[Unbound-users] Filtering unbound Responses (DNS Rebinding issue)

Wouter Wijngaards
Fri Aug 8 09:42:30 CEST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

7v5w7go9ub0o wrote:
| UnBound 1.02
|
| Is there an option to filter DNS responses?
|
| My concern is DNS rebinding, wherein external DNS responses point to
| local addresses. I'd like the option to Block responses that point to:
|
| private IP addresses (127.0.0.0/8, 192.168.0.0/16, 10.0.0.0/8,
| 172.16.0.0/12 and 169.254.0.0/16)

I'll see what I can do.  Maybe turn this on by default (if it does not
hinder legit users), with an option to turn off or add subnets to filter
as well.

Best regards,
~   Wouter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkib+OYACgkQkDLqNwOhpPj8zQCfdq8TvSkpaXsWzR0ylTL71mXg
20QAoIprdX1QJ3faJhfk3T1lQiOBaTH/
=uVxc
-----END PGP SIGNATURE-----