Date: Fri, 29 Feb 2008 12:20:23 -0800 From: Chuck Swiger <cswiger@mac.com> To: Abdullah Ibn Hamad Al-Marri <wearabnet@yahoo.ca> Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD 7.0 with BIND 9.4 issue Message-ID: <82621617-07C2-4DEF-B19B-E76561E4F066@mac.com> In-Reply-To: <638843.16712.qm@web33701.mail.mud.yahoo.com> References: <638843.16712.qm@web33701.mail.mud.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Feb 29, 2008, at 9:21 AM, Abdullah Ibn Hamad Al-Marri wrote:
> I need to make named do nslookup for any host from outside my
> network, but I faild to make it work as in older versions of BIND.
>
> [17:20](arabian2005@ns2)[~]> nslookup www.google.com ns3.wearab.net
> Server: NS3.WeArab.Net
> Address: 66.90.105.114
Add:
allow-recursion { any; };
...to the options section of named.conf. Note that this greatly
increases the risk of people misusing the server via cache spoofing
attacks; you are much better off specifying a more limited set of
networks which are permitted to make recursive queries.
--
-Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?82621617-07C2-4DEF-B19B-E76561E4F066>