DNS recursive queries and security

Thomas Kiblin tom at kiblin.com
Fri Feb 22 00:26:56 UTC 2002


When using http://www.squish.net/dnscheck/ to examine some DNS
configurations it reports:

         Security: Server NS1.DOM.COM (x.x.x.x) is recursive
         when getting the SOA record.

According to the bind book, bind will make recursive queries to it's
forwarders (if you use the forwarders option).

I was, so I commented the section out and restarted named, but it still
reports this error. I'm guessing this is just a propagation thing.

Is this the correct interpretation? Do I have anything to worry about? I
tried several other well-known domains and they get the same security
warning. redhat.com does not :)

Running 9.1.3-4 from Redhat RPM on 7.2.


More information about the bind-users mailing list