[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Recursive Queries (was: Running Bind as non Root)

Subject: [cobalt-users] Recursive Queries (was: Running Bind as non Root)
From: Barbara - <thebizworkers@xxxxxxxxx>
Date: Fri Aug 31 18:32:54 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Hi List,

Could someone please give me some pointers for turning
recursion off on ns queries on my RaQ3 to tighten down
security a bit? I still need my nameserver to answer
queries for domains on my box, but I want to reject
unauthorized queries for domains I don't host. 

I tried to follow tips (instructions) from a book I
purchased from OpenNA to secure BIND, by adding the
following to named.conf

options {
directory "/etc/named";
allow-transfer { MY SECONDARY DNS IP; };
allow-query { 192.168.1.0/24; 207.35.78.0/24;
localhost; };
allow-recursion { 192.168.1.0/24; 207.35.78.0/24;
localhost; };
version "Go away!";
};

But it seems the info in the book is for an
implementation of BIND that's different from the setup
on the RaQ's (their method doesn't have the "records"
file either). So I just ended up with my logs full of
denied querys from IP's trying to access sites on the
server  :-(

I saw this post regarding "Running Bind as non Root"
with a pkg of a tighter version of BIND, but I've
already implemented many of these changes except the
one for the ns querys. How can this be accomplished?
Thank you for your help

Barbara

__________________________________________________
Do You Yahoo!?
Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger
http://im.yahoo.com

Prev by Date: [cobalt-users] portfwd and PCAnywhere on Cube3
Next by Date: [cobalt-users] Interchange Help!
Previous by thread: [cobalt-users] portfwd and PCAnywhere on Cube3
Next by thread: [cobalt-users] Recursive Queries (was: Running Bind as non Root)

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index