Re: BIND9 transferring zones

To: Warwick Brown <moonman@linux-moonman.net>
Cc: debian-isp@lists.debian.org
Subject: Re: BIND9 transferring zones
From: Simon McCartney <simon@asidua.com>
Date: Thu, 13 Mar 2003 10:14:37 +0000
Message-id: <20030313101437.GQ10675@asidua.com>
Reply-to: simon@asidua.com
In-reply-to: <200303130950.44034.moonman@linux-moonman.net>
References: <200303130952.59882.tomas@asertel.es> <200303130950.44034.moonman@linux-moonman.net>

On Thu, Mar 13, 2003 at 09:50:43AM +0000, Warwick Brown wrote:
> On Thursday 13 March 2003 8:52 am, Tomàs Núñez Lirola wrote:
> > Hi
> > I've heard about disable zone transferring in BIND. I thought it is a good
> > idea, in order to hide a little more your net (obviously you can query my
> > DNS for all possible names and get the same information), but also I
> > thought that if BIND transfer zones by default, it has some reason.
> >
> > So can anyone comment inconvenients/advantages of disabling transfer DNS
> > zones?

<SNIP>

> disadvantages:
> 
> cannot transfer the zone to another system when backing up zone files using 
> dig or nslookup 

You can of course just allow a handful of servers to do transfers, i.e.
off-site DNS backup etc.


-simonm (E: simon@asidua.com W: +44 28 9072 5060 M: +44 7710 836915)
One By One The Penguins Steal My Sanity

Reply to:

Follow-Ups:
- Re: BIND9 transferring zones
  - From: Warwick Brown <moonman@linux-moonman.net>

References:
- BIND9 transferring zones
  - From: Tomàs Núñez Lirola <tomas@asertel.es>
- Re: BIND9 transferring zones
  - From: Warwick Brown <moonman@linux-moonman.net>

Prev by Date: Re: BIND9 transferring zones
Next by Date: Re: BIND9 transferring zones
Previous by thread: Re: BIND9 transferring zones
Next by thread: Re: BIND9 transferring zones
Index(es):
- Date
- Thread