Date: Sun, 30 Jan 2000 15:07:14 +1000 (EST) From: Bruce Campbell <bc@thehub.com.au> To: freebsd-security@FreeBSD.ORG Cc: Chris Johnson <cjohnson@palomine.net> Subject: Re: Continual DNS requests from mysterious IP Message-ID: <Pine.BSF.3.96.1000130145251.70603D-100000@zinarktei.client.uq.net.au> In-Reply-To: <20000129115451.A14160@palomine.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 29 Jan 2000, Chris Johnson wrote: > On Sat, Jan 29, 2000 at 05:46:54PM +0100, Poul-Henning Kamp wrote: > > Tell named to only recurse for your own IP range (takes code hacking). > > Or use dnscache/tinydns instead of named. It's new, written by Dan Bernstein > (the author of qmail), and it'll give you control over who gets to request what > from your name servers. It's also small, secure, simple, etc., like qmail is. > I'm completely BIND-free now, and haven't had any problems whatsoever. > http://cr.yp.to/dnscache.html Hrm. Last time I checked, cr.yp.to had two nameservers (for yp.to) which happened to have the same IP address. I'm sorry, but I personally wouldn't trust my DNS to software written by someone who hasn't taken note of the suggestions within RFC2182 (Selection and Operation of Secondary DNS Servers) , then again, I've probably got more zones than you ;) --==-- Bruce. Devils Advocate. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.1000130145251.70603D-100000>