Script-kiddie / client <IP> query (cache) '<host>/MX/IN' denied

Lightner, Jeff jlightner at water.com
Tue Aug 3 19:29:12 UTC 2010


Yes - I had already written him off list in reply to an email he sent me and pointed it out.   It also only blocks port 53 so if he had other ports open the script kiddie would still be able to see those other ports. 

-----Original Message-----
From: bind-users-bounces+jlightner=water.com at lists.isc.org [mailto:bind-users-bounces+jlightner=water.com at lists.isc.org] On Behalf Of Kevin Darcy
Sent: Tuesday, August 03, 2010 3:26 PM
To: bind-users at lists.isc.org
Subject: Re: Script-kiddie / client <IP> query (cache) '<host>/MX/IN' denied

On 8/3/2010 3:03 PM, Denis BUCHER wrote:
> Dear Lyle,
>
> Le 03.08.2010 18:17, Lyle Giese a écrit :
>>> I would like to know if I can block hosts doing that at the level of
>>> /etc/hosts.allow or should I do it at the level of Bind itself ?
>> Use IPTables or add rules to your firewall. I don't believe that BIND
>> pays any attention to /etc/hosts.allow
>
> Yes I tried iptables, it is working perfectly, and /etc/hosts.allow 
> does not look to be working. This was perfect:
>
> iptables -I INPUT 3 -p tcp -s 202.152.172.4 --dport 53 -j DROP
>
I'm no iptables expert, but doesn't that only apply to TCP packets?

                                                                         
- Kevin
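
Added example, not part of the original thread or of BIND: the rule quoted above matches only `-p tcp`, so this Python code counts `query (cache) ... denied` log lines per client and builds port-53 DROP rules for both UDP and TCP. The log line layout (with `#port` after the address), the `drop_rules` name, the threshold and the sample addresses are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Assumed named log layout: the subject line's message with the usual
# "client IP#port:" prefix (newer BIND adds "@0x..." and "(name)" fields).
DENIED = re.compile(r"client (?:@\S+ )?(?P<ip>[0-9A-Fa-f.:]+)#\d+(?: \([^)]*\))?: "
                    r"query \(cache\) '[^']*' denied")

# Constructed sample log lines (documentation addresses, not from the thread).
SAMPLE_LOG = """\
Aug  3 18:00:01 ns1 named[1234]: client 192.0.2.10#39361: query (cache) 'example.com/MX/IN' denied
Aug  3 18:00:02 ns1 named[1234]: client 192.0.2.10#39362: query (cache) 'example.net/MX/IN' denied
Aug  3 18:00:03 ns1 named[1234]: client 198.51.100.7#5353: query (cache) 'example.org/A/IN' denied
Aug  3 18:00:04 ns1 named[1234]: client 2001:db8::53#40000: query (cache) './NS/IN' denied
Aug  3 18:00:05 ns1 named[1234]: client 2001:db8::53#40001: query (cache) './NS/IN' denied
Aug  3 18:00:06 ns1 named[1234]: zone example.com/IN: loaded serial 2010080301
"""


def drop_rules(log_lines, threshold=2, position=3):
    """Build DROP rules for port 53, UDP and TCP, per repeat offender.
    Commands are returned, not executed: UDP source addresses can be forged,
    so the list should be reviewed before anything is applied.
    """
    hits = Counter()
    for line in log_lines:
        match = DENIED.search(line)
        if not match:
            continue
        try:
            hits[ipaddress.ip_address(match.group("ip"))] += 1
        except ValueError:
            continue  # regex matched something that is not a valid address
    rules = []
    for ip in sorted(hits, key=lambda a: (a.version, int(a))):
        if hits[ip] < threshold:
            continue
        tool = "iptables" if ip.version == 4 else "ip6tables"
        # The thread's rule had only "-p tcp"; DNS queries normally use UDP.
        for proto in ("udp", "tcp"):
            rules.append(f"{tool} -I INPUT {position} -p {proto} -s {ip} --dport 53 -j DROP")
    return rules


if __name__ == "__main__":
    print("\n".join(drop_rules(SAMPLE_LOG.splitlines())))
```

The `position=3` default mirrors the `-I INPUT 3` in the quoted rule and has to fit the existing chain on the host.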
