Suresh Ramasubramanian wrote:
>
> Well, the guy who axfrs the zone later finds a nice lot of IPs to portscan.
>
> That, plus AXFR really chews up your bandwidth, as does allowing recursive
> queries so that any tom, dick and harry can put your nameserver IPs in his
> resolv.conf and use your dns server to resolve sites and surf the net.
>
Binand has shown us how to disable AXFR but the question of recursive
queries lies unanswered.
"Binand Raj S." wrote:
> Its a bad thing to let everyone know how your DNS setup looks like.
>
> For bind, put
>
> allow-transfer {
> none;
> };
>
> in the global options section. Or instead of none, your secondary
> DNS server's IP address.
>
How to disallow recursive queries so that other people outside the
network cant put our nameserver IPs in their resolv.conf and use our
nameserver to resolve sites and surf the net?
Regards,
Dayalan
P.S. I am collecting all the information I glean from LIH and hope to
contribute them as lost tips.Of course I wont be taking the credit as
the information is from other peoples posts on LIH ;)
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help
