Bind dns amplification attack
Matus UHLAR - fantomas
uhlar at fantomas.sk
Tue Mar 28 17:28:32 UTC 2023
>On 3/28/23 10:48 AM, Matus UHLAR - fantomas wrote:
>>If your server has authroritative zones for internal use, yes, in
>>such case allow-query is good idea.
On 28.03.23 11:02, Grant Taylor via bind-users wrote:
>The server that I first set this on had a secondary copy of the root
>zone for my systems use. I ended up adding additional restrictions to
>prevent the world from querying it in addition to the public zones
>that are allowed to be queried by the world.
Yes, this is one of the problem "authoritative zones for local use".
The default root "hint" zone is only available for those who have recursion
available.
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
My mind is like a steel trap - rusty and illegal in 37 states.
More information about the bind-users
mailing list