DNS security question
Cameron Simpson
cs at zip.com.au
Sun Feb 3 22:50:04 UTC 2008
On 03Feb2008 17:15, Luc MAIGNAN <luc.maignan at winxpert.com> wrote:
> I've setup a DNS server (Bind/Named of course) to resolve several web
> servers I host. How can I restrict on my DNS server queries that only apply
> to my domains names and not any ? (in others words, how to disable my
> server to be an open-relay dns server ?)
You need to turn off the "recursion" setting. From a DNS server I
maintain, in the "options" section at the top I have:
allow-recursion { none; };
You can be more flexible there, for example allowing recursion for your
internal LAN clients but not the outer world.
Cheers,
--
Cameron Simpson <cs at zip.com.au> DoD#743
http://www.cskk.ezoshosting.com/cs/
Patent laws: made for the benefit of little inventors, opposed by little
inventors, pushed by big corporations. Something is quite wrong.
- http://slashdot.org/~marcello_dl
More information about the fedora-list
mailing list