[SATLUG] RR blocking port 21 & 80?

Brad Knowles brad at shub-internet.org
Thu Jun 19 00:58:40 CDT 2008


On 6/18/08, Tweeks wrote:

>  It's a little know fact that most DNS daemons can look-up anything and serve
>  anything.  BIND (at least) can literally look up album names and return ISBN
>  numbers if you wanted it to (locally of course.. not on the qualified net
>  rom "." down).  But likewise you can also have it legally look up
>  www.example.com and an A record direct traffic to 72.177.239.344:8080.
>  Easy breezy. :)

That only works with SRV records.  Very, very few clients support SRV 
records, so very, very few places try to provide them.

Otherwise, when serving up A records, or MX records, or any of the 
more standard type of records, it's simply not physically possible to 
do things like redirect to other ports or whatever.  Doing a 
redirection to other ports would have to be done within Apache, and 
if you could get to port 80 to get the redirection to port 8080, then 
you don't need the redirection in the first place.

>  (I'm sure Brad will have something advanced and verbose about this topic ;)

I don't think this is particularly verbose.

-- 
Brad Knowles <brad at shub-internet.org>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>


More information about the SATLUG mailing list