Date: Wed, 18 Jul 2001 07:41:15 -0700 (PDT) From: David Wolfskill <david@catwhisker.org> To: freebsd-security@FreeBSD.ORG, modulus@icmp.dhs.org Subject: Re: named & zone transfers Message-ID: <200107181441.f6IEfFH65804@bunrab.catwhisker.org> In-Reply-To: <20010718223718.A14766-100000@icmp.dhs.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>Date: Wed, 18 Jul 2001 22:38:57 -0500 (CDT) >From: modulus <modulus@icmp.dhs.org> >I was wondering how i would restrict all zone transfers >with the exception of the secondary DNS daemon. Although I'd be very hard-pressed to consider this a "security" issue (or a FreeBSD one), the precise syntax will depend on which nameserver software you are using. For example, with BIND 8, the "options" statement may be used to specify a default policy with respect to zone transfers, and the "stanzas" for individual zones may contain clauses that override that default. The O'Reilly _DNS and BIND_ volume covers the material rather thoroughly. Cheers, david -- David H. Wolfskill david@catwhisker.org As a computing professional, I believe it would be unethical for me to advise, recommend, or support the use (save possibly for personal amusement) of any product that is or depends on any Microsoft product. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200107181441.f6IEfFH65804>