After seeing this module on CPAN, I am sorely tempted to write Acme::DNS::Correct::Corrected, which would apply the same algorithm as is used by the BIND patch. But ICBA.
Update: this isn't meant as criticism of Acme::DNS::Correct, BTW | [reply] |
Please note that not everyone runs their own DNS server. For those individuals, this is a very nice option since it seems you can start running it with little modification to the scripts that use Net::DNS::Resolver.
Anonymously yours,
Anonymous Nun
| [reply] |
My only question would be does it only deal with the Verisign wildcards (.com and .net), or does it handle the others as well (such as those mentioned elsewhere, such as in the djbdns patch)? Just from reading the docs for it, it does not look as if it does, appearing to be limited to only the Verisign address. If this is indeed the case, then perhaps it should be updated to handle the others as well? | [reply] |
Greetings, Monks.
While I realize this review is quite old now. What follows is quite pertinent today, as it would have been at the time this review was created.
Verisign aka; Network (Po|So)lutions, received quite a bit of push-back on this; both from the Standards (ICAN|IANA) organizations, as well as DNS providers. In the case of DNS providers, many, opted to NUKE the Versisgn tactic, and return the PROPER response for the RR (Resource Record) -- Doesn't Exist.
For those who don't/didn't have access to these/those DNS providers, or a Local DNS. It is a simple matter of adding an additional entry to the localhost file [cite needed]. Which fortunately, is available on every Network Enabled computer. It's part of the arpa standard. Generally speaking; it's as simple as adding the offending IP address to the file. Problem solved. There are also trickier implementations that can be employed. But, for the sake of this review, it's enough to say; simply add the IP.
Best wishes.
--Chris
¡λɐp ʇɑəɹ⅁ ɐ əʌɐɥ puɐ ʻꜱdləɥ ꜱᴉɥʇ ədoH
| [reply] |
while this will prevent you from accidentally sending confidential data to that Provider, you won't get back NXDOMAIN (which might be needed, depending on your application)
| [reply]
[d/l] |
True, if only implemented in it's simplest form, eg; simply adding the IP to the localhost file, and in the absence of local DNS. But, with the presence of local DNS, or the inclusion of a HOSTS file. Getting/Returning the correct response is fairly trivial.
--Chris
¡λɐp ʇɑəɹ⅁ ɐ əʌɐɥ puɐ ʻꜱdləɥ ꜱᴉɥʇ ədoH
| [reply] |
