[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] attackalert: Unknown Type
- Subject: [cobalt-security] attackalert: Unknown Type
- From: "Dean Hall" <dean@xxxxxxxxx>
- Date: Fri, 22 Jun 2001 09:49:57 -0700
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
>
> I got a 3-4 like this, another strange thing in the log that day
> was alot of
> zone transfers to a ip not defined in my network setings! That should not
> happen..and what is an host belgium want with .no domain name info??
>
> Jun 20 14:51:15 www named[555]: approved AXFR from
> [212.68.195.60].2356 for
> "cats.no"
> Jun 20 14:51:15 www named[555]: zone transfer (AXFR) of "cats.no" (IN) to
> [212.68.195.60].2356
The GUI setup of the DNS service, by default, allows anyone to do a zone
transfer from your DNS server. To change this use the GUI.
Control Panel ==> services ==> DNS service parameters ==>add==>server
settings
In the Zone Transfer Access, enter the IP address of your secondary dns
server. That way only that system could request a zone transfer.
----
Dean Hall at Tactix ReEngineering ( dean@xxxxxxxxxx )
503 520-9699 http://www.tactix.com