disable recursion in Bind

I just noticed that my dns server was being used as a caching dns server for some random host.  In my log files, I was seeing ANY queries for x.h.ctrc.cc.  When I looked at the cache, this was for some encoded data.

Using the documentation on this page, I was able to fix this problem.  The way that I fixed this was to add the following to the options section:

// version statement for security to avoid
// hacking known weaknesses

version “get lost”;

// optional – disables all transfers –
// slaves allowed in zone clauses

allow-transfer {”none”;};

// optional – disable all recursive queries

allow-recursion {”none”;};

recursion no;

Technorati Tags: bind, DNS, security

Comments

• Categories

  • Blogging
  • Cars
  • Computer
  • Electronics
  • Family
  • Gadgets
  • Games
  • General
  • Hardware
  • Links
  • moblog
  • Phone
  • Uncategorized

• Archives

  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009
  • January 2009
  • December 2008
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008
  • December 2007
  • November 2007
  • October 2007
  • September 2007
  • August 2007
  • July 2007
  • June 2007
  • May 2007
  • April 2007
  • March 2007
  • February 2007
  • January 2007
  • December 2006
  • November 2006
  • October 2006
  • September 2006
  • August 2006
  • July 2006
  • June 2006
  • May 2006
  • April 2006
  • March 2006
  • February 2006
  • January 2006
  • December 2005
  • November 2005
  • October 2005
  • September 2005
  • August 2005
  • July 2005
  • June 2005
  • May 2005
  • April 2005
  • March 2005
  • February 2005
  • January 2005
  • December 2004
  • November 2004
  • October 2004
  • September 2004
  • August 2004
  • July 2004
  • June 2004
  • May 2004
  • April 2004
  • March 2004
  • January 2004

• Blogroll

  • Engadget
  • Jessica’s Thoughts
  • Slacy’s Blog
  • Third Time Dad

• Community

  Already a member?
  Login
  
  Login using Facebook:
  
  Last visitors

  

  view more...
  Powered by Sociable!

• Sponsored Links

• Recent Posts

  • iPhone 3.0 and USASpec adapter
  • Other iPhone 3.0 features
  • Push notifications on the iPhone
  • Windows Home Server Backup
  • Two nice features of iPhone 3.0
  • FriendFeed Comments plugin
  • Project Natal on Late Night
  • Hulu on Windows Media Center

• Twitter

  • At the Rose, White & Blue parade. http://bit.ly/19eEWq # 2 hours ago
  • One more Friday deal: our 2nd favorite webcomic's iPhone app is free today. Viva XKCD! http://tr.im/qPL9 [iTunes link.] (via @TUAW) # 17 hours ago
  • At Gilroy Gardens http://bit.ly/w2XaG # 2009/07/03
  • Wild West Pinball now free in AppStore. iTunes link - http://bit.ly/190yA8 (via @clatko) # 2009/07/03
  • 10 Privacy Settings Every Facebook User Should Know http://ff.im/-4Ki0o # 2009/07/03