From owner-freebsd-security Mon Jan 31 1:18:31 2000 Delivered-To: freebsd-security@freebsd.org Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by hub.freebsd.org (Postfix) with ESMTP id 0412214DC9 for ; Mon, 31 Jan 2000 01:18:29 -0800 (PST) (envelope-from mw@theatre.sax.de) Received: (from uucp@localhost) by sax.sax.de (8.9.3/8.9.3) with UUCP id KAA05755; Mon, 31 Jan 2000 10:18:09 +0100 (CET) Received: (from mw@localhost) by theatre.lan (8.9.3/8.9.3) id JAA34753; Mon, 31 Jan 2000 09:59:00 +0100 (CET) (envelope-from mw) Date: Mon, 31 Jan 2000 09:59:00 +0100 From: Martin Welk To: Craig Harding Cc: freebsd-security@FreeBSD.ORG Subject: Re: Continual DNS requests from mysterious IP Message-ID: <20000131095859.A34477@theatre.lan> References: <38962E10.9951FD38@outpost.co.nz> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <38962E10.9951FD38@outpost.co.nz>; from crh@outpost.co.nz on Mon, Jan 31, 2000 at 04:51:28PM -0800 Organization: Private UUCP/Usenet site. X-Operating-System: FreeBSD http://www.freebsd.org/ Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Jan 31, 2000 at 04:51:28PM -0800, Craig Harding wrote: > I'm in exactly the same situation on our network. I originally > planned to use two copies of BIND running on the one gateway machine, > each listening on a different interface (1 internal, 1 external), but > with the version of BIND I was using (8.1 I think) I found that this > wasn't possible, contrary to the documentation. And why do you want to do so? How about using access lists from within bind? You allow access to the pseudo-domain you're using for you local network and the reverse lookup from your local network only, and every- body asking from the outside will get no answer. You need only one name-server doing all the work for the network. Regards, Martin -- ,,You know, there's a lot of opportunities, if you're knowing to take them, you know, there's a lot of opportunities, if there aren't you can make them, make or break them!'' (Tennant/Lowe) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message