
[cobalt-users] Recursive Queries (was: Running Bind as non Root)



Hi List,

Could someone please give me some pointers for turning
recursion off on ns queries on my RaQ3 to tighten down
security a bit? I still need my nameserver to answer
queries for domains on my box, but I want to reject
unauthorized queries for domains I don't host. 

I tried to follow tips (instructions) from a book I
purchased from OpenNA to secure BIND, by adding the
following to named.conf

options {
    directory "/etc/named";
    allow-transfer { MY SECONDARY DNS IP; };
    allow-query { 192.168.1.0/24; 207.35.78.0/24; localhost; };
    allow-recursion { 192.168.1.0/24; 207.35.78.0/24; localhost; };
    version "Go away!";
};

But it seems the info in the book is for an
implementation of BIND that's different from the setup
on the RaQ's (their method doesn't have the "records"
file either). So I just ended up with my logs full of
denied queries from IPs trying to access sites on the
server  :-(

I saw this post regarding "Running Bind as non Root"
with a pkg of a tighter version of BIND, but I've
already implemented many of these changes except the
one for the ns queries. How can this be accomplished?
Thank you for your help.

Barbara
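
An added example, not part of the original post: a named.conf options block that restricts recursion without restricting who may query the hosted zones. It assumes a BIND version that supports allow-recursion and that named.conf is edited directly; the acl name "trusted" and the address 192.0.2.53 are placeholders introduced here.

```conf
// As posted (shown commented out): allow-query in options is inherited by
// every zone, so outside resolvers are refused even for domains this server
// hosts, which is what fills the log with denied queries.
//
// options {
//     allow-query     { 192.168.1.0/24; 207.35.78.0/24; localhost; };
//     allow-recursion { 192.168.1.0/24; 207.35.78.0/24; localhost; };
// };

// Networks from the post that are allowed to use this server as a resolver.
acl "trusted" { 192.168.1.0/24; 207.35.78.0/24; localhost; };

options {
    directory "/etc/named";

    // Placeholder address: replace with the secondary DNS server's IP.
    allow-transfer  { 192.0.2.53; };

    // Anyone may ask about the zones this server is authoritative for.
    allow-query     { any; };

    // Only trusted clients get lookups performed for domains hosted elsewhere.
    allow-recursion { trusted; };

    version "Go away!";
};
```

After reloading named, a query from an outside host for a hosted domain should be answered, while a query from that host for a domain not hosted on the server should not be resolved on its behalf.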
