Tuesday, February 21, 2006

disable recursion in Bind

I just noticed that my dns server was being used as a caching dns server for some random host.  In my log files, I was seeing ANY queries for x.h.ctrc.cc.  When I looked at the cache, this was for some encoded data.

Using the documentation on this page, I was able to fix this problem.  The way that I fixed this was to add the following to the options section:

// version statement for security to avoid
// hacking known weaknesses

version "get lost";

// optional - disables all transfers -
// slaves allowed in zone clauses

allow-transfer {"none";};

// optional - disable all recursive queries

allow-recursion {"none";};

recursion no;

Technorati Tags: , ,


  1. where I can change these parameters? which is the config file for this change?

  2. This is in named.conf or any of the domain specific files

  3. Yes, it was /etc/named.conf
    thank you


Unlocking Raspberry Pi Potential: Navigating Network Booting Challenges for Enhanced Performance and Reliability

I've set up several Raspberry Pis around our house for various projects, but one recurring challenge is the potential for SD card failur...