named.conf 'allow' options breaking dns {Scanned}
Pete Ehlke
pde at ehlke.net
Wed Dec 31 16:17:38 UTC 2003
On Wed, Dec 31, 2003 at 11:02:00AM -0500, SW wrote:
> Ok, I thought I followed all the right steps to fix a few vulunerabilities
> (excuse spelling). But now it seems no one is able to get any information
> off our dns server including local users. :-( Can't someone make bind a
> little simpler. ;-)
>
> Can someone tell me if there is a problem with the following /etc/named.conf
> file:
>
> options {
> directory "/etc/named";
> allow-recursion { xxx.xxx.xxx.xxx/27; localhost; };
> allow-query { xxx.xxx.xxx.xxx/27; localhost; };
> version "WPPi Name Server - NA";
> allow-transfer { 68.166.149.50; };
> };
> logging {
> category lame-servers { null; };
> };
> zone "." { type hint; file "db.cache"; };
> zone "pureportraits.com" { type master; file "pri.pureportraits.com";
> allow-query { any; };
> zone "ultraphotos.com" { type master; file "pri.ultraphotos.com";
> allow-query { any; };
>
If that's actually your named.conf, it's invalid, as your zone
definitions are missing the end brace. It's usually a lot clearer to do
zone definitions as C or perl style indented blocks:

zone "ultraphotos.com" {
    type master;
    file "pri.ultraphotos.com";
    allow-query { any; };
};
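
An added example, not part of the original thread: a small Python check that locates the unclosed zone blocks described in the reply. The sample text is constructed from the quoted named.conf, and the names check_blocks, TOKEN, TOP_LEVEL, BROKEN and FIXED are hypothetical.

```python
import re

# Tokens: quoted string, /* */ comment, // or # comment, punctuation, bare word.
TOKEN = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*|[{};]|[^\s{};"]+', re.S)
# Statements that may only start at top level ("zone" is also legal inside "view").
TOP_LEVEL = {"options", "logging", "zone", "view"}

def check_blocks(text):
    """Return sorted (line, message) pairs for brace-structure problems."""
    problems, stack = [], []          # stack holds (keyword, line) per open '{'
    first, first_line, at_start = "?", 0, True
    for m in TOKEN.finditer(text):
        tok = m.group()
        if tok.startswith(("/*", "//", "#")):
            continue                  # comments carry no structure
        line = text.count("\n", 0, m.start()) + 1
        if tok == "{":
            stack.append((first, first_line))
            at_start = True
        elif tok == "}":
            if stack:
                stack.pop()
            else:
                problems.append((line, "'}' without a matching '{'"))
            at_start = False
        elif tok == ";":
            at_start = True
        elif at_start:                # first word of a new statement
            first, first_line, at_start = tok, line, False
            in_view_only = all(kw == "view" for kw, _ in stack)
            if tok in TOP_LEVEL and stack and not (tok == "zone" and in_view_only):
                kw, opened = stack[-1]
                problems.append((line, f"'{tok}' begins inside '{kw}' block opened on line {opened}"))
    problems += [(ln, f"'{kw}' block is never closed") for kw, ln in stack]
    return sorted(problems)

# Constructed sample based on the quoted configuration (addresses masked as posted).
BROKEN = '''options {
    directory "/etc/named";
    allow-query { xxx.xxx.xxx.xxx/27; localhost; };
};
zone "." { type hint; file "db.cache"; };
zone "pureportraits.com" { type master; file "pri.pureportraits.com";
    allow-query { any; };
zone "ultraphotos.com" { type master; file "pri.ultraphotos.com";
    allow-query { any; };
'''
# Same text with each zone block closed, as the reply recommends.
FIXED = BROKEN.replace("allow-query { any; };\n", "allow-query { any; };\n};\n")

if __name__ == "__main__":
    for line, msg in check_blocks(BROKEN):
        print(f"line {line}: {msg}")
```

This sketch only tracks block structure; BIND 9's named-checkconf performs the full syntax check on the real file.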