Script-kiddie / client <IP> query (cache) '<host>/MX/IN' denied

Kevin Darcy kcd at chrysler.com
Tue Aug 3 19:25:31 UTC 2010


On 8/3/2010 3:03 PM, Denis BUCHER wrote:
> Dear Lyle,
>
> On 03.08.2010 18:17, Lyle Giese wrote:
>>> I would like to know if I can block hosts doing that at the level of
>>> /etc/hosts.allow or should I do it at the level of Bind itself ?
>> Use IPTables or add rules to your firewall. I don't believe that BIND
>> pays any attention to /etc/hosts.allow
>
> Yes I tried iptables, it is working perfectly, and /etc/hosts.allow 
> does not look to be working. This was perfect:
>
> iptables -I INPUT 3 -p tcp -s 202.152.172.4 --dport 53 -j DROP
>
I'm no iptables expert, but doesn't that only apply to TCP packets?

                                                                         
                                                                     - Kevin
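
Added example, not part of the original thread: a shell script that counts the `query (cache) ... denied` log lines named in the subject per client address and prints DROP rules covering both UDP and TCP port 53, since ordinary DNS queries arrive over UDP. The function names, the threshold and the sample log lines (documentation addresses) are constructed for illustration; the rules are only printed, not applied.

```shell
#!/bin/sh
# Constructed sample of BIND 9 log lines (RFC 5737 documentation addresses).
sample_log() {
cat <<'EOF'
03-Aug-2010 18:01:02.101 client 192.0.2.10#4431: query (cache) 'example.com/MX/IN' denied
03-Aug-2010 18:01:02.350 client 192.0.2.10#4432: query (cache) 'example.net/MX/IN' denied
03-Aug-2010 18:01:03.007 client 198.51.100.7#53211: query (cache) 'example.org/A/IN' denied
03-Aug-2010 18:01:03.420 client 192.0.2.10#4433: query (cache) 'example.org/MX/IN' denied
03-Aug-2010 18:01:04.000 client 203.0.113.5#40000: received notify for zone 'example.com'
EOF
}

# Read a BIND log on stdin; print each client address that has at least
# $1 denied cache queries. The address is the first "addr#port" field.
denied_sources() {
  awk -v min="$1" '
    / query \(cache\) .* denied/ {
      for (i = 1; i <= NF; i++)
        if ($i ~ /^[0-9A-Fa-f.:]+#[0-9]+/) {
          ip = $i; sub(/#.*/, "", ip); count[ip]++; break
        }
    }
    END { for (ip in count) if (count[ip] >= min) print ip }
  ' | sort
}

# Read addresses on stdin; print (do not run) one DROP rule per transport.
# A rule with only "-p tcp" leaves UDP queries from the same source untouched.
drop_rules() {
  while read -r ip; do
    for proto in udp tcp; do
      printf 'iptables -I INPUT -p %s -s %s --dport 53 -j DROP\n' "$proto" "$ip"
    done
  done
}

# Demo on the constructed sample: sources with 3 or more denials.
sample_log | denied_sources 3 | drop_rules
```

Review the printed rules before applying them: UDP source addresses can be spoofed, so a denied query does not prove the listed address sent it.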



