Date: Fri, 28 Dec 2007 09:49:25 -0600 From: Kevin Kinsey <kdk@daleco.biz> To: Olivier Nicole <on@cs.ait.ac.th> Cc: freebsd-questions@freebsd.org Subject: Re: Blocking undesirable domains using BIND Message-ID: <47751B05.6080807@daleco.biz> In-Reply-To: <200712280508.lBS58jLo022219@banyan.cs.ait.ac.th> References: <26ddd1750712271246j14795cf3wf8e9727f0f7cc148@mail.gmail.com> <47744048.6020202@daleco.biz> <26ddd1750712272037x594336efndcd136ee2101e3e7@mail.gmail.com> <200712280508.lBS58jLo022219@banyan.cs.ait.ac.th>
next in thread | previous in thread | raw e-mail | index | archive | help
Olivier Nicole wrote: >> Again, I'm not trying to convince you otherwise or say that using >> BIND is a bad idea. It's just that I'm curious because we use >> Squid for this sort of thing, and I was wondering why BIND instead? > > I think another issue is that Squid will only filter HTTP/FTP > connections, while DNS would allow to filter any type of traffic that > would try to go to places with a bad name. > > Olivier In the absence of egress filtering on the firewall, that would definitely be an advantage. Does anyone use BIND for filtering in a small to medium business environment then? How does it perform? Kevin Kinsey -- I trust the first lion he meets will do his duty. -- J. P. Morgan on Teddy Roosevelt's safari
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47751B05.6080807>