TSIG for securing zone transfers
Kevin Darcy
kcd at daimlerchrysler.com
Thu Jun 15 22:01:29 UTC 2000
Do you have an "allow-transfer" clause anywhere? The default is to permit
transfers for all hosts.
- Kevin
Thiago NA wrote:
> Hi,
>
> I'am testing the feature TSIG in my bind and I have been some troubles.
> I configured my server to only accept tranfer zone from it and configured
> the server with a key, but it is accepting transfer zone with "nslookup's
> ls".
>
> my named.conf:
> ...
>
> key test {
> algorithm hmac-md5;
> secret "abcdefgh";
> };
>
> the server x.y.z.w is itself.
> server x.y.z.w {
> keys { leo_key; };
> };
>
> ...
>
> Thank you.
>
> Thiago.
More information about the bind-users
mailing list