Date: Mon, 31 Jan 2000 09:59:00 +0100 From: Martin Welk <mw@theatre.sax.de> To: Craig Harding <crh@outpost.co.nz> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Continual DNS requests from mysterious IP Message-ID: <20000131095859.A34477@theatre.lan> In-Reply-To: <38962E10.9951FD38@outpost.co.nz>; from crh@outpost.co.nz on Mon, Jan 31, 2000 at 04:51:28PM -0800 References: <38962E10.9951FD38@outpost.co.nz>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 31, 2000 at 04:51:28PM -0800, Craig Harding wrote:
> I'm in exactly the same situation on our network. I originally
> planned to use two copies of BIND running on the one gateway machine,
> each listening on a different interface (1 internal, 1 external), but
> with the version of BIND I was using (8.1 I think) I found that this
> wasn't possible, contrary to the documentation.
And why do you want to do so? How about using access lists from within
bind? You allow access to the pseudo-domain you're using for you local
network and the reverse lookup from your local network only, and every-
body asking from the outside will get no answer.
You need only one name-server doing all the work for the network.
Regards,
Martin
--
,,You know, there's a lot of opportunities, if you're knowing to take them,
you know, there's a lot of opportunities, if there aren't
you can make them, make or break them!'' (Tennant/Lowe)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000131095859.A34477>