How to secure DNS...
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Sat Mar 2 10:57:21 UTC 2002
Christopher Corn <christopher_corn at yahoo.com> wrote:
> Just setup my Bind server on my solaris 2.8 box, version 8.X. This
> system is also going to be the DNS server for my zone, out on the
> internet. Doing so makes my system accessible to the world. I'm not
> too familiar with DNS, so my question is, can you secure the number of
> server that have access to my system? Can you restrict access to only
> root srevers ? without blocking out the rest of the world. MY
> understanding of DNs is that, when a zones' dns server cannot resolve,
> its then resolved throughthe root servers. Therefore in theory i
> should be able to block out everyone but rootservers. is this
> correct?
If you are unfamiliar with DNS i'll suggest you get a copy of
"Managing DNS and BIND".
There is a chapter that deals with the issues you ask about,
and by some strange coincident, that chapter is available
in Internet !!
See "http://www.oreilly.com/catalog/dns4/chapter/ch11.html"
> Thanks in advance,
> Chris
--
Peter Håkanson
IPSec Sverige (At the Riverside of Gothenburg, home of Volvo)
Sorry about my e-mail address, but i'm trying to keep spam out.
Remove "icke-reklam" and it works.
More information about the bind-users
mailing list