There is usually one zone file per domain, but for the purposes of blocking malware, a single zone file can be associated with multiple malware-associated domains.
While you could add domains directly to named.conf, an include statement lets you place all of the blocked domains in a single file, which will make the file portable and easier to replace.
to prevent recursive servers from sending unnecessary queries to Internet servers that cannot handle them (thus creating delays and SERVFAIL responses to clients who query for them). These empty zones ensure that immediate and authoritative NXDOMAIN responses are returned instead.
allow a secondary nameserver to only download the updated portions of a zone modified on a primary nameserver. Compared to the standard transfer process, this makes the notification and update process much more efficient.
While the directives are optional, the resource records are required in order to provide name service to a zone.
Increasing this value allows remote nameservers to cache the zone information for a longer period of time, reducing the number of queries for the zone and lengthening the amount of time required to propagate resource record changes.
Note that when two nameservers are listed as authoritative for the domain, it is not important whether these nameservers are secondary nameservers, or if one of them is a primary server.
We have all had problems with machines being overrun by malware: taking 20 minutes to start up, constant pop-ups, hijacking of the home and search pages, bookmarks being added, etc.
However, they only work on the local machine or perhaps a home network.
Many corporations deploy an internal DNS server for use on their Local Area Network, usually to provide name resolution for internal hosts or to speed up browsing by locally caching DNS queries.
Such a server could also be configured as a “primary” or “master” resolver for domains associated with malware and spyware.
One of the more popular techniques for fighting malware among home users is through the use of a host file for DNS redirection.
A host file can be used to map hostnames associated with malware to a different IP address (such as a loopback address, 127.0.0.1).
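The host-file block list and the single-file include for named.conf described above can be connected with a small converter. The script below is an added example, not code from the original page: it turns host-file entries into BIND zone statements that all point at one shared zone file. The zone file path, the function names and the sample entries are assumptions made for illustration.

```python
import re

# Assumed path of the single shared zone file (hypothetical; adjust to your layout).
ZONE_FILE = "/etc/namedb/blockeddomains.zone"

# One DNS label: letters, digits, hyphens; no leading/trailing hyphen; 1-63 chars.
_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")
_SKIP = {"localhost", "localhost.localdomain", "broadcasthost"}


def valid_domain(name):
    """True for a multi-label hostname that is safe to embed in a zone statement."""
    labels = name.split(".")
    return (len(name) <= 253 and len(labels) >= 2
            and all(_LABEL.fullmatch(label) for label in labels))


def hosts_to_zones(hosts_text, zone_file=ZONE_FILE):
    """Return (include-file text, rejected tokens) for a host-file block list."""
    domains, rejected = set(), []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split on whitespace
        for host in fields[1:]:                  # fields[0] is the IP address
            host = host.lower().rstrip(".")
            if host in _SKIP:
                continue
            if valid_domain(host):
                domains.add(host)                # set removes duplicates
            else:
                rejected.append(host)            # never written into BIND config
    stmts = ['zone "%s" { type master; file "%s"; };' % (d, zone_file)
             for d in sorted(domains)]
    return "\n".join(stmts) + "\n", rejected


# Constructed sample input (not a real block list).
SAMPLE_HOSTS = """\
# constructed host-file entries
127.0.0.1  localhost
127.0.0.1  Malware.example  tracker.example.net  # two names on one line
127.0.0.1  malware.example.
127.0.0.1  broken"name.example
"""

if __name__ == "__main__":
    conf, rejected = hosts_to_zones(SAMPLE_HOSTS)
    print(conf, end="")   # save as the file that named.conf pulls in via include
    print("rejected:", rejected)
```

Entries that fail validation are reported instead of written, so a malformed line in a downloaded block list cannot break the syntax of the included file.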