Preventing the nslookup "ls" command
William Webb
wwebb at adni.net
Tue Oct 19 20:14:25 UTC 1999
On your slave zone statements add the line:
allow-transfer { none; };
On your master add the line:
allow-transfer { 198.88.0.19; 192.46.38.15; };
You would substitute the IP addresses above for your slave IP
addresses so they could do transfers.
Cheers, Bill Webb
To: comp-protocols-dns-bind at moderators.isc.org
From: etdavis at my-deja.com
Subject: Preventing the nslookup "ls" command
Date sent: Tue, 19 Oct 1999 19:25:13 GMT
Organization: Just Another STUDent Trying to get by
> I'm trying to secure our DNS using BIND 8.1.2 on a Solaris server. How
> do I keep the DNS from servicing "ls" requests?
> Also, I only want Zone Transfers to occur to certain other DNS's. I
> believe I have figured that part out, but the "ls" command still works
> using nslookup, which I want to prevent.
> Thanx...
> {;-)
>
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
>
>
More information about the bind-users
mailing list