Bind 8 hardening {Scanned}
SW
wppiphoto at wppi.com
Thu Dec 30 21:07:26 UTC 2004
Hi Peter,
>> Slave 100.168.100.50 /etc/named.conf:
>
> As a non-dns issue but still importent ; you should not use
> ip 100.168.100.50, it's unassigned and will very likley hit
> you in the future. Use "real" assigned ones or rfc-1918 ones.
The ip address of 100.168.100.50 is not my 'real' ip address but I used it
to post here to the public. My real ip address is a valid one.
> allow-recursion { internal; };
> recursion no;
Also, I had to remove the 'recursion no' from my /etc/named.conf because I
was not able to access the Internet from lan so not sure if the
'allow-recursion' will take care of not allowing people from outside to use
my name server?
> acl internal { 192.168.100/24; 100.168.100/24; };
I also changed the above to only have the 100.168.100/24 ip block (btw, this
is not my real ip address...just use this for posting to here).
thanks,
SW
-------------------------------------------------
WPPi.com | WPPi.Net
-------------------------------------------------
http://www.wppi.com | http://www.wppi.net
-------------------------------------------------
WPPi.com & WPPi.Net MailScanner Signature
This message has been scanned for viruses
and dangerous content by WPPi MailScanner,
and has been found to be clean.
-------------------------------------------------
More information about the bind-users
mailing list