Maintained by: NLnet Labs

[Unbound-users] Captive portal question

Sven Ulland
Fri Apr 23 13:24:28 CEST 2010


On 2010-04-23 12:23, Tim Kindberg wrote:
> Assuming the scheme that I have defined (1-3 in my original message)
> works, then when the attacker tries to resolve example4.org, the
> request will be CNAMEd to example3.org, which I control.

You are right, Tim. I didn't read your config in detail. Feel free to
keep the DNS tunnel loophole available, though, in the spirit of
elevator operators' secret key press overrides, red light zebra
crossing tricks of the trade, etc :)

s.