RE: nameservers open to world - with test output

To: "James" <james@kathweb.net>
Cc: "'Thedore Knab'" <tjk@annapolislinux.org>, <debian-isp@lists.debian.org>
Subject: RE: nameservers open to world - with test output
From: Bulent Murtezaoglu <bm@acm.org>
Date: Sat, 3 Nov 2001 18:10:08 -0500 (EST)
Message-id: <[🔎] 15332.31056.106083.769952@nkapi.internal>
In-reply-to: <[🔎] 002d01c164b3$3ed737a0$82e53181@jamesdesktop>
References: <[🔎] 20011103135634.A14363@annapolislinux.org> <[🔎] 002d01c164b3$3ed737a0$82e53181@jamesdesktop>

    James> Well, if your company runs the DNS for your website on
    James> those servers and you block outside IPs from querying from,
    James> no one on the internet will be able to go to your website.
    James> :) [...]

I think the right way to do this in bind 8.?? is:

In named.conf 

options {
// bla bla
allow-query { 127/8; your-network/bits; };
};

and for domain names you are authoritative for

zone "your-domain-name.com" in {
        type master;
        allow-query { any; } ;
        file "/etc/bind/your-domain-name.com";
};

This will accomplish what you want.

cheers,

BM

Reply to:

References:
- nameservers open to world - with test output
  - From: Thedore Knab <tjk@annapolislinux.org>
- RE: nameservers open to world - with test output
  - From: "James" <james@kathweb.net>

Prev by Date: RE: nameservers open to world - with test output
Next by Date: Re: nameservers open to world - with test output
Previous by thread: RE: nameservers open to world - with test output
Next by thread: Re: nameservers open to world - with test output
Index(es):
- Date
- Thread