host -l
Tilman Schmidt
Tilman.Schmidt at sema.de
Tue Apr 11 12:54:33 UTC 2000
At 18:35 09.04.00 +0800, Michael Vincent K. Pozon - CompE wrote:
>i already configured allow-transfer in general and it works great, it will
>not approve an AXFR from an unauthorize request but what i'm concern about
>is the command "host -l mydomain.com" ... how do i restrict to not output
>valuable domain data to unauthorize request ... and how do i log an action
>requesting for "host -l mydomain.com" in the mydomain.com holder itself ?
Are you trying host -l on a machine that is allowed to do AXFRs?
This will of course succeed, because BIND only sees from which
machine the request is coming, not which command produced it.
If you try it from a different machine which isn't allowed to
AXFR you'll find your request is rejected.
--
Tilman Schmidt E-Mail: Tilman.Schmidt at sema.de (office)
Sema Group Koeln, Germany tilman at schmidt.bn.uunet.de (private)
More information about the bind-users
mailing list