host -l
Michael Vincent K. Pozon - CompE
vince at trinity.cebu.pilnet.com
Sun Apr 9 10:35:51 UTC 2000
i already configured allow-transfer in general and it works great, it will
not approve an AXFR from an unauthorize request but what i'm concern about
is the command "host -l mydomain.com" ... how do i restrict to not output
valuable domain data to unauthorize request ... and how do i log an action
requesting for "host -l mydomain.com" in the mydomain.com holder itself ?
On Sun, 9 Apr 2000, Thor Kottelin wrote:
>
>
> BIND Users Mailing List wrote:
>
> > From: "Michael Vincent K. Pozon - CompE" <vince at trinity.cebu.pilnet.com>
>
> > the slave will output zone entries to the unauthorize
> > user because my slave DNS doesnt have an allow-transfer set yet. anyways
> > ... is that why an unathorize request of 'host -l mydomain.com' is not
> > restricted ?
>
> IIRC, zone transfers are allowed by default. If you need to know why no
> restrictions have been set, you should probably ask whoever configured
> your server. Anyway, if you don't want to allow the world to pull zones,
> use the allow-transfer option to deny access (assuming BIND 8).
>
> Thor
>
> --
> Plain old email is very insecure. Please make it
> a little safer for yourself and me by using PGP.
> FAQ: <URL:http://www.pgp.net/pgpnet/pgp-faq/>.
> My public keys are available from key servers.
>
>
>
>
--
m i c h a e l v i n c e n t p o z o n
:: mikevince at netexecutive.com ::
---------------------------------------------------------------
HPS Software & Communication Corp. ICQ : 1413343
Pilipino Internet Cebu office : (+63)(32) 3447847
Systems/Network Administrator home : (+63)(32) 3446427
- - - - - - - - - - - - - - - - - - cell : (+63) 917-3276966
- - - - - - - - - - - - - - - - - http://mikevince.tripod.com
More information about the bind-users
mailing list