DNS therapy


Put simply, DNS therapy is the same technique as DNS poisoning, applied for a beneficial purpose.

You can use DNS therapy for something as benign as making your external website's name resolve to your internal web server, as described in "To www. or not to www.", or for something more aggressive, like making www.whitehouse.com resolve to an internal server that serves up warning pages telling people not to access forbidden content.

To use DNS therapy, all you need to do is add a zone to a DNS server with the records that make the names resolve where you want them to. Often, I create a zone with the same name as the name that I want to apply DNS therapy to, then create an A record at the apex that resolves to the IP that I want. Sometimes I will name the zone after the parent domain instead, if I want to apply DNS therapy to multiple names in the same domain. However, using the parent domain name as the zone name can have unwanted side effects if you don't re-create all the names in the zone that get queried: the server now answers for the whole domain, so any name missing from the zone stops resolving.


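; Zone named after the single host being overridden
$ORIGIN .
$TTL 3600
www.whitehouse.com.	IN	SOA	localhost.localdomain. root.localhost.localdomain. (1234 3600 1800 43200 3600)
$ORIGIN www.whitehouse.com.
; BIND will not load a zone that has no NS record at its apex
@			IN	NS	localhost.localdomain.
; Apex A record: the address the name should resolve to
@			IN	A	127.0.0.1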
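
The side effect of naming the zone after the parent domain can be checked before the zone goes live. The following is an added example, not part of the original page: a small model of how a server picks the most specific local zone for a query, used to list the names that clients ask for but that the override zone would no longer resolve. The zone names, addresses and query list are constructed sample data, and the function names are hypothetical.

```python
# Added example: a model of how a resolver with local override zones answers.
# All zone names, addresses and queries below are constructed sample data.

def norm(name):
    """Lower-case a DNS name and give it exactly one trailing dot."""
    return name.lower().rstrip(".") + "."

def build(zones):
    """Normalize {zone: {name: address}} so lookups compare like with like."""
    return {norm(z): {norm(n): a for n, a in recs.items()}
            for z, recs in zones.items()}

def find_zone(qname, zones):
    """Most specific local zone that contains qname, matched label by label."""
    labels = norm(qname).rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:]) + "."
        if candidate in zones:
            return candidate
    return None

def resolve(qname, zones):
    """Return ('local', addr), ('shadowed', None) or ('upstream', None)."""
    zone = find_zone(qname, zones)
    if zone is None:
        return ("upstream", None)       # not ours: normal resolution
    addr = zones[zone].get(norm(qname))
    if addr is None:
        return ("shadowed", None)       # ours, but no record: real answer is lost
    return ("local", addr)

def shadowed(queries, zones):
    """Names clients ask for that the override zone would black-hole."""
    return sorted({norm(q) for q in queries if resolve(q, zones)[0] == "shadowed"})

# Zone named after the single host (first approach in the text).
PER_HOST = build({"www.example.com": {"www.example.com": "192.0.2.10"}})
# Zone named after the parent domain (second approach), two names re-created.
PARENT = build({"example.com": {"www.example.com": "192.0.2.10",
                                "intranet.example.com": "192.0.2.11"}})
# Constructed list of names seen in query logs.
QUERIES = ["www.example.com", "mail.example.com", "intranet.example.com",
           "notexample.com", "example.org"]

if __name__ == "__main__":
    for label, zones in (("per-host", PER_HOST), ("parent", PARENT)):
        print(label, "shadows:", shadowed(QUERIES, zones))
```

Feeding it the names from real query logs gives the list of records that have to be re-created in a parent-domain zone.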