More on advisory question
Dave Wreski
dave at nic.com
Fri Oct 8 18:23:42 UTC 1999
I have another couple of questions on that recent advisory.
It states I can control access to bind version numbers to only authorized
users by using:
zone "bind" chaos {
type master;
file "primary/bind";
allow-query {
trusted;
};
allow-transfer {
none;
}
};
After adding that, and the primary/bind file, the following messages are
printed:
Oct 8 11:10:33 juggernaut named[889]: /etc/named.conf:21: unknown ACL
'trusted'
Oct 8 11:10:33 juggernaut named[889]: Zone "bind" (file primary/bind): No
default TTL set using SOA minimum instead
Why is the ACL 'trusted' not known?
Also, it states that 'unapproved query from ...' messages can be sent to a
seperate file using another syslog facility. What is the facility that it
uses?
Actually, how do I prevent unauthorized queries? I'd like to prevent
someone from doing:
# nslookup www.netscape.com ns.mydomain.com
for example...
Thanks,
Dave
More information about the bind-users
mailing list