[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] DENY ZoneTransfers to Non Approved Servers
- Subject: Re: [cobalt-security] DENY ZoneTransfers to Non Approved Servers
- From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 23 Jul 2002 08:35:14 -0400 (EDT)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Tue, 23 Jul 2002, Jamie - i-Dot wrote:
> Does anyone know if the inbuilt dns server supports a lockdown of Zone
> Transfers to only listed nameservers, such as Miscorosft DNS server
> does...
>
> I would prefer to lock down the servers so that external queries of
> domains cant be conducted on a wide scale
>
> Ie
>
> Host -lv domain.com would usually reveal every single subdomain of
> domain.com, which I am sure you will agree is a slight security risk..
>
look at the cricket book options AXFR IIRC
options {
}
--
Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
http://frontstreetnetworks.com | Website Hosts & SOHO Networks
229 Front Street, Ste.#C, New Haven, CT. 06513 United States
voice +1 302-785-0699 | fax +1 203-785-1787