Competitor using my DNS servers
David Botham
dns at botham.net
Mon Aug 26 16:55:32 UTC 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]
> On Behalf Of NCKCN
> Sent: Monday, August 26, 2002 9:48 AM
> To: comp-protocols-dns-bind at isc.org
> Subject: Re: Competitor using my DNS servers
>
> Danny,
>
> Didn't work. I can get forward lookups from anywhere. Maybe this
> would only
> work if someone was doing secondary off me. What I am trying to
> prevent is them setting up their clients with my DNS servers as
> their primary and secondary DNS server configuration. It appears
> that "allow-recursion" doesn't prevent this...
There is nothing you can do to prevent them from setting up their
clients in a particular manner. However, allow-recursion would stop
them from using your name server for recursive queries, thereby,
making your name servers worthless to them.
Dave...
>
> Thanks,
> TKT
>
> "Danny Mayer" <mayer at gis.net> wrote in message
> news:ajv1t5$15k2$1 at isrv4.isc.org...
> >
> > At 07:26 PM 8/20/02, TIA wrote:
> > >One of our competitors is using my DNS servers for their clients
> > >setup.
> Is
> > >there a way to stop this?
> > >
> > >TIA
> >
> > Use allow-recursion { your-network-addresses-list;};
> > in options to restrict recursive queries (ie queries for which
> > your
> server
> > is not authorative) to only those network addresses that you
> > serve. Don't forget to include 127.0.0.1 in the list. See the ARM
> > Chapter 6 for detailed documentation.
> >
> > That way people can get answers to queries that your servers are
> > authorative but have to go elsewhere for other queries.
> >
> > Danny
> >
> >
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.4
iQA/AwUBPWpdhFq85iiiMQ4EEQLJWwCcDY9zuoQ0q5md3u/J2aBtAN0L/K8AoMk8
UZVo/P2p2W92wBzzfWxQf3dq
=ZEbi
-----END PGP SIGNATURE-----
More information about the bind-users
mailing list