Tuesday, February 21, 2006

disable recursion in Bind


I just noticed that my dns server was being used as a caching dns server for some random host.  In my log files, I was seeing ANY queries for x.h.ctrc.cc.  When I looked at the cache, this was for some encoded data.


Using the documentation on this page, I was able to fix this problem.  The way that I fixed this was to add the following to the options section:




// version statement for security to avoid
// hacking known weaknesses

version "get lost";


// optional - disables all transfers -
// slaves allowed in zone clauses

allow-transfer {"none";};


// optional - disable all recursive queries

allow-recursion {"none";};

recursion no;



Technorati Tags: , ,

By -
Labels:

3 comments:

  1. friendMay 15, 2009 at 9:02 PM

    where I can change these parameters? which is the config file for this change?

    ReplyDelete
  2. pwestbroMay 16, 2009 at 5:53 AM

    This is in named.conf or any of the domain specific files

    ReplyDelete
  3. FRIENDJune 16, 2009 at 3:43 AM

    Yes, it was /etc/named.conf
    thank you

    ReplyDelete

Subscribe to: Post Comments (Atom)

Unlocking Raspberry Pi Potential: Navigating Network Booting Challenges for Enhanced Performance and Reliability

I've set up several Raspberry Pis around our house for various projects, but one recurring challenge is the potential for SD card failur...