Paul,
How about just configuring your BIND to return errors when his queries against your server? He has got to be using you as either a primary or secondary name server. That would make everything on that machine suddenly come to a grinding halt as nothing would resolve anymore. I used to do that to customers who didn't turn off dynamic dns updates. It got their attention quick. -------------------------- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.2mbit.com ICQ: 8077511 ----- Original Message ----- From: "Paul Vixie" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, September 28, 2003 12:09 PM Subject: Re: Annoying dynamic DNS updates (was Re: someone from attbi please contact me ...) > > > Back in beta days, the official explanation given was that the DNS > > updating was a "value add" and that it would never be disabled as > > a default as a courtesy to corporate customers. Furthermore, MSFT > > folks have repeatedly said that the workaround is to simply configure > > your nameserver to silently ignore the error logs. > > Well, I'm not going to disable that logging since it has been useful > in signalling real attacks in the past. But the thing Microsoft needed > to do with this was ensure that whoever is pirating my domain names on > their home PCs get error message popups telling them to go to MSN and > buy a real domain name. That is, they could be making money here rather > than just giving my syslogd a headache. If MSFT would behave more greedily > then their customer PCs would be contacting them rather than me, right? > -- > Paul Vixie >