Topic: nslookup

ilias
« on: October 01, 2006, 05:26:25 AM »
Hi all

I have a Linux transparent proxy on RHEL3. I have a very serious concern: I want to block users from using the nslookup command to find out the IP addresses of the many internet domains.

Can anyone help me in doing this? Which protocol has to be blocked, and any way......

Ricky
« Reply #1 on: October 01, 2006, 05:44:43 PM »
I think that the function nslookup simply uses DNS to resolve IP to domain and also the reverse, so there is nothing specific to be blocked, though you can block port 53, which is used for DNS lookup.

BTW, if you are running a transparent proxy then you might block port 53, as the transparent proxy also forwards port 53.

Try adding this in your NAT script
Code:
# This line is to drop TCP port 53
iptables -A INPUT -p tcp -i eth1 --dport 53 -j DROP

NOTE: Here eth1 represents the NIC to which your LAN is connected, and in the above line we are simply denying any request made on port 53 from the local LAN.

But it may or may not work, as I am not sure about the behavior of this. In general it should stop DNS lookup from functioning, which means you cannot open a site by giving its name but can by IP. On the other hand, you have a transparent proxy here, so it may or may not work; you have to test.
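
An added example, not part of the original posts: a gateway-side rule generator for the port 53 blocking discussed in this thread. It covers both UDP and TCP and both the INPUT and FORWARD chains, and lets through a single approved resolver so that name-based browsing can keep working. The function names, the APPLY switch and the resolver address 192.0.2.53 are assumptions made for the example; eth1 is taken from the reply above.

```shell
#!/bin/sh
# Added example (not from the thread): print, or with APPLY=1 install,
# iptables rules that limit DNS lookups coming from the LAN.
# Assumptions: eth1 is the LAN NIC as in the reply above; RESOLVER is a
# constructed placeholder (192.0.2.53) for the one DNS server you allow.

LAN_IF="${LAN_IF:-eth1}"
RESOLVER="${RESOLVER:-192.0.2.53}"

# Emit one rule per line. DNS uses both UDP and TCP port 53.
dns_block_rules() {
    lan_if="$1"
    resolver="$2"
    for proto in udp tcp; do
        # Queries addressed to the gateway itself are seen on INPUT.
        echo "iptables -A INPUT -i $lan_if -p $proto --dport 53 -j DROP"
        # Queries addressed to outside servers are routed, so FORWARD sees them.
        if [ -n "$resolver" ]; then
            echo "iptables -A FORWARD -i $lan_if -p $proto -d $resolver --dport 53 -j ACCEPT"
        fi
        # Log before dropping so blocked lookups show up in the kernel log.
        echo "iptables -A FORWARD -i $lan_if -p $proto --dport 53 -j LOG --log-prefix DNS-BLOCK"
        echo "iptables -A FORWARD -i $lan_if -p $proto --dport 53 -j DROP"
    done
}

# Run each generated rule (requires root).
apply_dns_block_rules() {
    dns_block_rules "$1" "$2" | while read -r rule; do
        $rule || return 1
    done
}

if [ "${APPLY:-0}" = "1" ]; then
    apply_dns_block_rules "$LAN_IF" "$RESOLVER"
else
    dns_block_rules "$LAN_IF" "$RESOLVER"
fi
```

Run it without APPLY to review the rules first; passing an empty RESOLVER omits the ACCEPT rules so that all forwarded DNS from the LAN is logged and dropped.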