ls -d
Andrey G. Sergeev (AKA Andris)
andris at aernet.ru
Mon Aug 11 14:36:05 UTC 2008
Hi Ejaz,
Mon, 11 Aug 2008 16:43:25 +0300 Ejaz wrote:
> Dear all,
> I have two DNS servers with the same version of BIND and with similar
> configuration.
>
> Whenever I go with my ns2 (ns2.cyberia.net.sa) server into nslookup
> mode, anyone can run the command ls -d "domain name" as an argument
> and get a full dump of information about that domain.
>
> Can anyone please guide me on how to set up my BIND to not show
> my domain if someone does this (ls -d "domainname") to me?
You need to disable unwanted AXFR queries either by limiting them
completely, under the "options" section of named.conf, or just for the
single zone okaz.com.sa. The BIND configuration directive you should
look for is "allow-transfer".
If you decide to limit AXFR for the zone only, try this:
zone "okaz.com.sa" IN {
        type master;
        file "path/to/zone/files/zonefile";
        allow-transfer {
                ip-address-of-other-name-server;
                ip-address-of-root-workstation;
                ...;
        };
};
--
Yours sincerely,
Andrey G. Sergeev (AKA Andris) http://www.andris.name/
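An added example, not part of the original post or of BIND itself: a small Python audit that reads a named.conf and lists the zones whose transfers are not restricted by an allow-transfer ACL, either in the zone or in "options". The sample configuration, the addresses and all function names are constructed for illustration; views, include files and nested ACLs are not handled.

```python
import re

# Constructed sample named.conf (not from the post); addresses are placeholders.
SAMPLE_CONF = '''
options { directory "/var/named"; };
zone "okaz.com.sa" IN {
    type master;
    file "zones/okaz.com.sa";
    allow-transfer { 192.0.2.53; };   // restricted, as the reply suggests
};
zone "example.net" IN { type master; file "zones/example.net"; };
zone "example.org" IN { type master; file "zones/example.org"; allow-transfer { any; }; };
'''

def strip_comments(text):
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)   # /* ... */
    return re.sub(r'(//|#)[^\n]*', '', text)            # // ... and # ...

def blocks(text, keyword):
    """Yield (name, body) for each `keyword ["name"] [class] { body }`."""
    pattern = r'(?m)^\s*%s\b\s*(?:"([^"]*)")?[^{;]*\{' % keyword
    for m in re.finditer(pattern, text):
        depth, i = 1, m.end()
        while i < len(text) and depth:        # walk to the matching brace
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]

def transfer_acl(body):
    """Return the allow-transfer elements in a block, or None if absent."""
    m = re.search(r'\ballow-transfer\s*\{([^{}]*)\}', body)
    return None if m is None else [e.strip() for e in m.group(1).split(';') if e.strip()]

def audit(conf):
    """Map zone name -> reason, for zones whose AXFR is not restricted."""
    text = strip_comments(conf)
    default = next((transfer_acl(b) for _, b in blocks(text, 'options')), None)
    findings = {}
    for name, body in blocks(text, 'zone'):
        if not re.search(r'\btype\s+(master|primary|slave|secondary)\b', body):
            continue                          # other zone types are skipped
        acl = transfer_acl(body)
        acl = default if acl is None else acl
        if acl is None:
            findings[name] = 'no allow-transfer in zone or options'
        elif 'any' in acl:
            findings[name] = 'allow-transfer includes any'
    return findings

if __name__ == '__main__': print(audit(SAMPLE_CONF))
```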