Hi! Sorry for the delay.
It was very useful for me. Thanks! In our nameserver we do not apply the bogon filter to the bogus addresses because it will change with time and we not know how update them automatically. My question is that if it is useful to blacklist the private address range(this addresses never change with time ;) ) so our nameserver will never respond queries from this addresses. I ask if this is usefull because the private address range don't have meaning of sense in Internet. Thanks! -- Diosney On Wed, 2010-02-24 at 02:30 -0700, Bill Larson wrote: > On Feb 23, 2010, at 7:56 PM, Diosney Sarmiento Herrera wrote: > > > Hi! > > > > Have any sense to blacklist the private address ranges on a server > > that is facing Internet? I mean, this address ranges is not even > > routed > > on the Internet. > > > > There is a trick about this? > > No trick, it is commonly done. For a good example of this (and many > other things), see the Secure BIND Template at > http://www.cymru.com/Documents/secure-bind-template.html > . > > Bill Larson _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users