AW: local DNS
Barry Margolin
barmar at alum.mit.edu
Mon Sep 6 14:38:31 UTC 2004
In article <chgu7d$2c0o$1 at sf1.isc.org>,
"Walkenhorst, Benjamin" <Benjamin.Walkenhorst at telekom.de> wrote:
> Hello,
>
> Is there any way to change this behavior without
> modifying the source?=20
> I mean, you can just turn off recursive queries, but does that leave =
> any
> chance for, say, a cache-poisoning attack?
If you turn off recursion and fetch-glue, I don't think the nameserver
should ever have a reason to send an outbound query.
You could also block outbound port 53 on your router or firewall.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
More information about the bind-users
mailing list