Unapproved AXFR?
Lars-Johan Liman
liman at sunet.se
Tue Dec 14 16:09:33 UTC 1999
barmar at bbnplanet.com:
> But adding "allow-transfer" to your named.conf file costs practically
> nothing. You don't need a good reason to do it; simple paranoia is
> sufficient.
It's not to me. If the paranoia has a motivation - fine, but I like to
know why I'm doing things, and general paranoia doesn't provide the
anwer to that. :-)
The interesting thing with this discussion is that so far, I have not
seen an answer to my question: is there a _technical_ reason to limit
zone transfers (except for server overload)? You have all just given
the reasons I already know and _feel_, but they don't talk to the
logical part of my mind.
So - I'm still looking for technical reasons. If the general
conclusion is "there doesn't seem to be any", that is fine, because
then I know what I'm dealing with. _MY_ paranoia is "Have I missed a
technical reason?". :-) :-)
Cheers,
/Liman
#----------------------------------------------------------------------
# Lars-Johan Liman, Systems Specialist ! E-mail: liman at sunet.se
# KTH Network Operations Centre ! HTTP : //www.sunet.se/~liman
# Royal Institute of Technology, Sweden ! Voice : Int +46 8 - 790 65 60
#----------------------------------------------------------------------
More information about the bind-users
mailing list