zone transfers

Quadri, Jay Jay.Quadri at gmk.cwplc.com
Fri Sep 8 09:41:34 UTC 2000


For 4.9.x: put xfrnets 10.0.0.0 172.168.0.0 in your named.boot file.
It allows all hosts on the 10.0.0.0 & 172.168.0.0 networks to transfer zones from
your nameserver.
You can also add a netmask in order to specify just part of the network, down to
a single IP address, by doing this:
xfrnets 10.10.10.3&255.255.255.0  172.168.56.5&255.255.255.255

You don't need to do this if you are running a firewall.



-----Original Message-----
From: Sears, Robert [mailto:Sears at nlmoc.navy.mil]
Sent: Thursday, September 07, 2000 9:26 PM
To: 'comp-protocols-dns-bind at moderators.uu.net'
Subject: zone transfers



I am running Bind 4.9.7 due to HPUX 10.x update restrictions. A recent
security test showed that my DNS server honors zone transfer requests,
identifying every machine registered with my server.
I have read about command lines in the conf file, but those are for BIND
8.x.

How can I secure my DNS server from this problem?

thanks
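
Added example, not part of the original messages: a Python sketch that parses xfrnets lines from a named.boot fragment and reports which client addresses would be permitted a zone transfer. It assumes that an entry without a netmask falls back to the classful default mask and that a client matches when (client & mask) equals (network & mask); the function names and the sample file are constructed for illustration.

```python
import ipaddress

def classful_mask(addr):
    """Default mask when no &netmask is given (assumption: classful, pre-CIDR)."""
    first_octet = int(addr) >> 24
    if first_octet < 128:
        return 0xFF000000          # class A
    if first_octet < 192:
        return 0xFFFF0000          # class B
    return 0xFFFFFF00              # class C and above

def parse_xfrnets(boot_text):
    """Return [(network_int, mask_int)] for every xfrnets line in a named.boot file."""
    entries = []
    for raw in boot_text.splitlines():
        fields = raw.split(";", 1)[0].split()   # ';' starts a comment in named.boot
        if not fields or fields[0].lower() != "xfrnets":
            continue
        for token in fields[1:]:
            net, _, mask = token.partition("&")
            net_ip = ipaddress.IPv4Address(net)
            mask_int = int(ipaddress.IPv4Address(mask)) if mask else classful_mask(net_ip)
            # Assumption: host bits outside the mask are ignored when matching.
            entries.append((int(net_ip) & mask_int, mask_int))
    return entries

def transfer_allowed(entries, client):
    """With no xfrnets entries the server answers zone transfers from anyone."""
    if not entries:
        return True
    c = int(ipaddress.IPv4Address(client))
    return any((c & mask) == net for net, mask in entries)

# Constructed named.boot fragment using the values from the message above.
SAMPLE_BOOT = """\
; constructed sample, not a real configuration
directory /etc/named
xfrnets 10.10.10.3&255.255.255.0  172.168.56.5&255.255.255.255
"""

if __name__ == "__main__":
    acl = parse_xfrnets(SAMPLE_BOOT)
    for ip in ("10.10.10.3", "10.10.10.200", "172.168.56.5", "172.168.56.6", "192.0.2.1"):
        print(ip, "allowed" if transfer_allowed(acl, ip) else "refused")
```

Under these assumptions the entry 10.10.10.3&255.255.255.0 admits every host in 10.10.10.0 through 10.10.10.255, while the 255.255.255.255 mask admits exactly one address.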



