securing up my config
Erik Colliander
erik at colliander.pp.se
Fri Jan 28 17:50:14 UTC 2000
Here´re some ideas for named.conf:
-
options {
directory "/etc/namedb";
datasize 128m;
etc
};
zone "domain.tld" {
type slave;
file "customer/domain.tld";
masters { 1.2.3.4; };
allow-transfer { localhost; };
etc
-
check out the
allow-query etc in the manual, and channel logging also gives you
opertunity to put your logs in a more customized way/places etc.
//Erik
Marc Peiser wrote:
> Hi there,
>
> I running bind 8.2.2P5 and want to secure up my server. Is it possible to
> stop anyone doing a "dig axfr mydomain.com", ie I only want to give them
> one A or MX record at a time.
>
> Who should dns zone transfers be limited to? My secondaries? How do I
> limit this?
>
> Does someone have an example of a nice fast secure named.conf file for me
> to look at... if there is such a thing :-)
>
> Any help would be greatly appreciated.
>
> Regards, Marc
More information about the bind-users
mailing list