[Unbound-users] Captive portal question

Sven Ulland sveniu at ifi.uio.no
Fri Apr 23 11:24:28 UTC 2010

On 2010-04-23 12:23, Tim Kindberg wrote:
> Assuming the scheme that I have defined (1-3 in my original message)
> works, then when the attacker tries to resolve example4.org, the
> request will be CNAMEd to example3.org, which I control.

You are right, Tim. I didn't read your config in detail. Feel free to
keep the DNS tunnel loophole available, though, in the spirit of
elevator operators' secret key press overrides, red light zebra
crossing tricks of the trade, etc :)


More information about the Unbound-users mailing list