Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 30 Jan 2000 15:07:14 +1000 (EST)
From:      Bruce Campbell <bc@thehub.com.au>
To:        freebsd-security@FreeBSD.ORG
Cc:        Chris Johnson <cjohnson@palomine.net>
Subject:   Re: Continual DNS requests from mysterious IP
Message-ID:  <Pine.BSF.3.96.1000130145251.70603D-100000@zinarktei.client.uq.net.au>
In-Reply-To: <20000129115451.A14160@palomine.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 29 Jan 2000, Chris Johnson wrote:

> On Sat, Jan 29, 2000 at 05:46:54PM +0100, Poul-Henning Kamp wrote:
> > Tell named to only recurse for your own IP range (takes code hacking).
> 
> Or use dnscache/tinydns instead of named. It's new, written by Dan Bernstein
> (the author of qmail), and it'll give you control over who gets to request what
> from your name servers.  It's also small, secure, simple, etc., like qmail is.
> I'm completely BIND-free now, and haven't had any problems whatsoever.
> http://cr.yp.to/dnscache.html

Hrm.  Last time I checked, cr.yp.to had two nameservers (for yp.to) which
happened to have the same IP address.

I'm sorry, but I personally wouldn't trust my DNS to software written by
someone who hasn't taken note of the suggestions within RFC2182 (Selection
and Operation of Secondary DNS Servers) , then again, I've probably got
more zones than you ;)

--==--
Bruce.

Devils Advocate.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.1000130145251.70603D-100000>