DNS recursive queries and security

Dan Amthor groups at lonx.net
Fri Feb 22 09:00:24 UTC 2002


On Friday 22 February 2002 01:26, Thomas Kiblin wrote:
> Is this the correct interpretation? Do I have anything to worry about? I
> tried several other well-known domains and they get the same security
> warning. redhat.com does not :)
However this IS a very basic and serious security situation. A configuration 
like could allow allow attackers to to use your NS for nasty purposes. 
Recommendation: Limit recursion to IP's that use your server for 
client-purposes. If yours is a busy site read up on other solutions as well. 

Hth.
Best regards 
Dan


More information about the bind-users mailing list