More on advisory question
Dave Wreski
dave at nic.com
Fri Oct 8 20:40:14 UTC 1999
> >Why is the ACL 'trusted' not known?
>
> How is BIND supposed to know what IP addresses you trust? You have to
> define it using an "acl" statement. For example,
I thought it was a reserved word. There was no mention in that in the
advisory. I have used the allow-transfer statement, however. Can you
explain the difference? Can the 'trusted' be used in the same manner,
effectively?
> >Actually, how do I prevent unauthorized queries? I'd like to prevent
> >someone from doing:
> >
> ># nslookup www.netscape.com ns.mydomain.com
>
> How do you possibly think you can stop people on machines you have no
> control over from typing that command? All you can do is configure your
> server so it won't answer them.
Heh, I thought I'd strap 30k volts to everyone's keyboard when it was
detected that they were typing that.. Ok, sorry for the sarcasm. That is
actually what I was getting at by my statement above. What would give you
the idea that I could expect to control what someone typed? ;)
Thank you,
Dave
More information about the bind-users
mailing list