Blacklisting private address range

Stephane Bortzmeyer bortzmeyer at nic.fr
Wed Feb 24 09:03:30 UTC 2010


On Tue, Feb 23, 2010 at 09:56:55PM -0500,
 Diosney Sarmiento Herrera <diosney.s at gmail.com> wrote 
 a message of 20 lines which said:

> Have any sense to blacklist the private address ranges on a server
> that is facing Internet?

I am not sure I parse your sentence correctly but may be you refer to
the "Rebinding prevention feature" which appeared in 9.7.0?

deny-answer-addresses { 10.0.0.0/8; } 
deny-answer-addresses { 172.16.0.0/12; } 
deny-answer-addresses { 192.168.0.0/16; } 



More information about the bind-users mailing list