Maintained by: NLnet Labs

[Unbound-users] Captive portal question

Sven Ulland
Fri Apr 23 13:24:28 CEST 2010

On 2010-04-23 12:23, Tim Kindberg wrote:
> Assuming the scheme that I have defined (1-3 in my original message)
> works, then when the attacker tries to resolve, the
> request will be CNAMEd to, which I control.

You are right, Tim. I didn't read your config in detail. Feel free to
keep the DNS tunnel loophole available, though, in the spirit of
elevator operators' secret key press overrides, red light zebra
crossing tricks of the trade, etc :)