security in firefox4
Tim
ignored_mailbox at yahoo.com.au
Fri May 20 04:19:54 UTC 2011
Tim:
>> I do something similar with my DNS server. I have a dead zone file,
>> which produces instant fails to any queries to any domain names I
>> associate it with. It gives me neat, central, management of all
>> computers on the LAN.
Dotan Cohen:
> Is that for your entire network, or just one computer? If it's just
> for the one machine, you might find it easier to maintain a simple
> hosts file.
You might want to read my first paragraph, again...
Though, even for just one computer, it offers something that can't be
done with the hosts file: Wildcarding.
If I wanted to blacklist an entire domain, and all of its subdomains, I
can't do that in the hosts file, I have to list each FQDN that I want to
block.
It also offers something else. With the hosts file, you can only
associate a different IP with the domain name (than the real IP). With
my solution you can offer a "no answer," essentially an "it does not
exist" response. Which is a faster kill, avoiding any waiting for
responses. And doesn't cause problems when you do have a webserver
running on the localhost.
--
[tim at localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686
Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.
More information about the users
mailing list