updates (how 2 stop?)
chris cariffe
chriss at well.com
Wed Jul 7 15:44:26 UTC 1999
That's what I see in the logs. It isn't allowing updates but it is
logging. The logging is fine as it is a good security measure.
However I was told when this client came up and tried to do an update the
BIND process on the server hung. Is this a known problem or should I test
this myself? I didn't witness this myself but was told this by my client.
-chris
On Wed, 7 Jul 1999, Jim Reid wrote:
> >>>>> "chris" == chris cariffe <chriss at well.com> writes:
>
> chris> since it seems that Windows2000 tries to do an auto update
> chris> by default how can i turn off the allow update feature in
> chris> BIND 8.1.2 and 8.2 so i can avoid these messages
>
> It's not clear what you mean. By default, dynamic DNS is disabled in
> BIND8. There's nothing to "turn off". If you want random desktops to
> have arbitrary write access to your DNS, you have to explictly enable
> it with an allow-update substatement in the relevant zone statement in
> named.conf.
>
> If you want to suppress logging of these messages, you can do this
> through named.conf's logging statement. Just direct all messages in
> the update category to the null (logging) channel:
> logging {
> ...
> category update { null; }
> ...
> }
>
> However that is VERY unwise. You could be throwing away information
> about possible security attacks as well as misconfigured boxes that
> are trying to do naughty things to your DNS data.
>
>
>
>
More information about the bind-users
mailing list