9.3.0 and DNS REQUEST

J.D. Bronson jbronson at wixb.com
Thu Nov 11 23:48:26 UTC 2004

  I have noticed that some spammers have been trying to grab all my zone
  information (But not a XFR)...and the cisco IDS box I have logs this:


  I can duplicate this:

    server dns1.domain.com
    set q=any

  and as expected the entire DNS record is presented.

  Is there any way to stop this within BIND? - I can DROP the packet using
  IDS on the Cisco, but my 3rd DNS server is located in a system that I
  cannot do this in...

  Any advice would be appreciated!

J.D. Bronson
Aurora Health Care // Information Services // Milwaukee, WI USA
Office: 414.978.8282 // Email: jd at aurora.org // Pager: 414.314.8282

More information about the bind-users mailing list