Re: Hardening named.conf
hi,
try this tutorial, I think it's the right for you:
http://mail-abuse.org/rbl/usage.html#DNSuse
Greetz
Konstantin
On Wed, 28 Jan 2004 22:11:16 +0000
Dale Amon <amon@vnl.com> wrote:
> I've finally been annoyed enough by spammer hits on
> my DNS that I've pulled out the BOG for the first time
> in several years.
>
> What I'd like to accomplish is the following:
>
> * allow-query for a specific list of addresses
> to use the server for their dns resolution.
>
> * allow-query to the universe for zones
> (domains and subdomains) that are hosted
> as primary or secondary on the server but
> drop all other requests.
>
> * I already limit zone xfr's to specific
> machines.
>
> I'm not clear on how to do the first and second without
> them interfering with each other although I'm sure
> it can be done.
>
> I am leaning towards an options allow-query with a
> an access list and adding allow-query to each zone
> to allow-query all if I can figure out how to do that.
>
> If some kind soul knows off the top of their head, it
> would save me the better part of an evening and perhaps
> wee hours of the morning.
>
> --
> ------------------------------------------------------
> Dale Amon amon@islandone.org +44-7802-188325
> International linux systems consultancy
> Hardware & software system design, security
> and networking, systems programming and Admin
> "Have Laptop, Will Travel"
> ------------------------------------------------------
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: