On Tue, 23 Feb 2010, jcarrol...@cfl.rr.com wrote:
Due to an security audit I have been given the task of upgrading our BIND from 9.3 to a new version (9.7 is preferred). Using the package from sunfreeware.com (Solaris 10/X86) the upgrade seem to work well. However, whenever someone tries to nslookup (or dig) an external site (i.e. cnn.com) they get REFUSED. If I back down to the 9.3 version all is well. I've tried to find what new security feature is required, but alas I can't seem to get it. What changes affect resolving outside sites?
The allow-query* options might be pertinent. ________________________________________________________________________ Jay Ford, Network Engineering Group, Information Technology Services University of Iowa, Iowa City, IA 52242 email: jay-f...@uiowa.edu, phone: 319-335-5555, fax: 319-335-2951 _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
