Date: Mon, 23 Aug 1999 12:48:09 -0700 (PDT) From: Matthew Dillon <dillon@apollo.backplane.com> To: Nate Williams <nate@mt.sri.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: IPFW/DNS rules Message-ID: <199908231948.MAA10395@apollo.backplane.com> References: <199908231935.NAA01122@mt.sri.com>
next in thread | previous in thread | raw e-mail | index | archive | help
:I've got some rules in place, but if someone has gotten DNS firewall
:rules I'd be grateful to see them.
:
:Thanks!
:
:Nate
If you are primary for one or more domains the server that serves those
domains should be configured for read-only operation. It should not be
configured as a caching server. If you do that the server will be
reasonably well protected.
You can create allow/deny lists in named.conf, configuration options are
well documented in the bind distribution, in your source tree:
file:/usr/src/contrib/bind/doc/html/
-Matt
Matthew Dillon
<dillon@backplane.com>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199908231948.MAA10395>