DNS recursive queries and security
Dan Amthor
groups at lonx.net
Fri Feb 22 09:00:24 UTC 2002
On Friday 22 February 2002 01:26, Thomas Kiblin wrote:
> Is this the correct interpretation? Do I have anything to worry about? I
> tried several other well-known domains and they get the same security
> warning. redhat.com does not :)
However this IS a very basic and serious security situation. A configuration
like could allow allow attackers to to use your NS for nasty purposes.
Recommendation: Limit recursion to IP's that use your server for
client-purposes. If yours is a busy site read up on other solutions as well.
Hth.
Best regards
Dan
More information about the bind-users
mailing list