Basic Question re Security issue
Chris Buxton
cbuxton at menandmice.com
Sat Jul 26 05:36:54 UTC 2008
What version of BIND did you upgrade from? If it was BIND 9.3.x or
earlier, then I think you have not created an allow-recursion
statement - you've been relying on the default of:
options {
allow-recursion { any; };
};
The new default is:
options {
allow-recursion { localhost; localnets; };
};
You probably just need to open that back up somewhat. Please do not
return your config to using an allow-recursion ACL of { any; }. Keep
it as limited as you can while allowing those you must allow.
Chris Buxton
Professional Services
Men & Mice
On Jul 25, 2008, at 7:27 PM, Skeeve Stevens wrote:
> OK, I upgraded to the latest binds (tried latest 9.4 and 9.5) and the
> compatibility with my current 9.4 config file seemed fine, except
> recursion
> broke.
>
> So.. for a quick explanation here.
>
> After we have the latest safe code, what config changes should we be
> making
> for everything to be ok?
>
> .Skeeve
>
> --
> Skeeve Stevens, RHCE
> skeeve at skeeve.org / www.skeeve.org
> Cell +61 (0)414 753 383 / skype://skeeve
>
> eintellego - skeeve at eintellego.net - www.eintellego.net
> --
> I'm a groove licked love child king of the verse
> Si vis pacem, para bellum
>
>
>
>
>
More information about the bind-users
mailing list