Re: Bind 8 hardening {Scanned}
This is a discussion on Re: Bind 8 hardening {Scanned} within the Bind Users forums, part of the DNS and Related Forums category; Hi Peter, >> Slave 100.168.100.50 /etc/named.conf: > > As a non-dns issue but ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
12-30-2004
|
|||
|
|||
Re: Bind 8 hardening {Scanned}
Hi Peter,
>> Slave 100.168.100.50 /etc/named.conf: > > As a non-dns issue but still importent ; you should not use > ip 100.168.100.50, it's unassigned and will very likley hit > you in the future. Use "real" assigned ones or rfc-1918 ones. The ip address of 100.168.100.50 is not my 'real' ip address but I used it to post here to the public. My real ip address is a valid one. > allow-recursion { internal; }; > recursion no; Also, I had to remove the 'recursion no' from my /etc/named.conf because I was not able to access the Internet from lan so not sure if the 'allow-recursion' will take care of not allowing people from outside to use my name server? > acl internal { 192.168.100/24; 100.168.100/24; }; I also changed the above to only have the 100.168.100/24 ip block (btw, this is not my real ip address...just use this for posting to here). thanks, SW ------------------------------------------------- WPPi.com | WPPi.Net ------------------------------------------------- http://www.wppi.com | http://www.wppi.net ------------------------------------------------- WPPi.com & WPPi.Net MailScanner Signature This message has been scanned for viruses and dangerous content by WPPi MailScanner, and has been found to be clean. ------------------------------------------------- 
|
Linear Mode
