XFRNETS option help

Kevin Oberman oberman at es.net
Wed Jan 26 19:34:44 UTC 2000


"Atlantis International Billing" <Billing at AtlantisNet.com> writes:

> I would like to implement the XFRNETS option in my named.boot file.  I know
> the following line will only allow zone transfers to anyone within the
> 204.185.199.0 class C address space.
> 
> XFRNETS 204.185.199.0
> 
> However, I would like to allow/include multiple class C's.  Is this possible
> and if so, what is the correct syntax?  I was thinking something like:
> 
> XFRNETS 204.185.199.0, 208.107.161.0, 199.230.194.0
> 
> Is this correct?  I am running Bind 4.9.5.

No, it's not! 

Running BIND 4.9.5 means you are running really old software with
several huge security flaws, one of which is commonly used to
compromise systems. If you upgrade to BIND 8.2.2p5, the only version I
am aware of that is not known to be insecure, xfernets and been
replaced by allow-transfer and named.boot by named.conf. the
documentation is pretty clear on how to configure the allow-transfer
option.
-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest Orlando Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at es.net				Phone: +1 510 486-8634




More information about the bind-users mailing list