Restricting Zone transfers on NT
Cricket Liu
cricket at acmebw.com
Fri Feb 18 19:37:05 UTC 2000
> OK, this isn't a BINd question, but after two days of no response on the
> windowsnt.dns newsgroup, I thought I'd try my luck here.
> We're running two BIND 8 servers, but have an NT server as a backup. I've
> restricted it on the bind servers, but NT's interface is in the true
> "MAC-like" spirit of GUIs that are so easy to use, they lack much of the
> functionality of bind. Anyway, no crap responses please, I'm not a sad
> little NT user who's stubled into the BIND newsgroup, just thought someone
> out there might have encountered the same problems?
>
> Original posting:
>
> Is there a way to limit the hosts allowed to pull zone transfers from the
NT
> server, its easy as pie on BIND, but I can't even find a reference to it
in
> the "Windows NT DNS" book...so sad
You need "DNS on Windows NT." :-)
It's on the Notify tab of the Zone Properties window. There's a checkbox
at the bottom labeled "Only Allow Access From Secondaries Included
on Notify List." There's a screen shot of it in my presentation on securing
name servers, at http://www.acmebw.com/papers/securing.pdf.
cricket
Acme Byte & Wire
cricket at acmebw.com
www.acmebw.com
Attend the next Internet Software Consortium/Acme Byte & Wire
DNS and BIND class! See www.acmebw.com/training.htm for
the schedule and to register for upcoming classes.
More information about the bind-users
mailing list