Avoiding external propagation of my DNS

Anthony Atkielski anthony at freebie.atkielski.com
Sun Dec 23 09:54:57 UTC 2001


How can I make double-sure that no data on my nameserver is propagated to
the outside world?  I have BIND running on my small FreeBSD box to provide
caching for DNS lookups and to redefine an external domain with different,
internal LAN addresses.  For this latter purpose I've included SOA records
in my zone files for the domain in question, such that my LAN thinks that my
DNS server is authoritative, whereas the rest of the world looks to a
different, external DNS server as the authoritative server.

This morning I noticed a small group of machines hitting the DNS port on my
LAN for quite some time; their connections were trapped and dropped by the
firewall, but I am wondering if this is just a coincidence, or if somehow my
zone data leaked to the outside world.  How do I make sure that my
nameserver never tries to propagate what it thinks is authoritative data on
my domain to external DNS servers?


