host -l

Michael Vincent K. Pozon - CompE vince at trinity.cebu.pilnet.com
Sun Apr 9 10:35:51 UTC 2000


i already configured allow-transfer in general and it works great, it will
not approve an AXFR from an unauthorize request but what i'm concern about
is the command "host -l mydomain.com" ... how do i restrict to not output
valuable domain data to unauthorize request ... and how do i log an action
requesting for "host -l mydomain.com" in the mydomain.com holder itself ?

On Sun, 9 Apr 2000, Thor Kottelin wrote:

> 
> 
> BIND Users Mailing List wrote:
> 
> > From: "Michael Vincent K. Pozon - CompE" <vince at trinity.cebu.pilnet.com>
> 
> >  the slave will output zone entries to the unauthorize
> > user because my slave DNS doesnt have an allow-transfer set yet.  anyways
> > ... is that why an unathorize request of 'host -l mydomain.com' is not
> > restricted ?
> 
> IIRC, zone transfers are allowed by default. If you need to know why no
> restrictions have been set, you should probably ask whoever configured
> your server. Anyway, if you don't want to allow the world to pull zones,
> use the allow-transfer option to deny access (assuming BIND 8).
> 
> Thor
> 
> -- 
> Plain old email is very insecure. Please make it
> a little safer for yourself and me by using PGP.
> FAQ: <URL:http://www.pgp.net/pgpnet/pgp-faq/>.
> My public keys are available from key servers.
> 
> 
> 
> 

--
m  i  c  h  a  e  l   v  i  n  c  e  n  t   p  o  z  o  n
          ::  mikevince at netexecutive.com  ::
---------------------------------------------------------------
HPS Software & Communication Corp.     ICQ : 1413343
Pilipino Internet Cebu              office : (+63)(32) 3447847
Systems/Network Administrator       home   : (+63)(32) 3446427
- - - - - - - - - - - - - - - - - - cell   : (+63) 917-3276966
 - - - - - - - - - - - - - - - - -  http://mikevince.tripod.com




More information about the bind-users mailing list