In message <[EMAIL PROTECTED]>, Holger Honert writes:
> This is a multi-part message in MIME format.
> --------------090609000409090603090005
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> Content-Transfer-Encoding: 7bit
>
> Chris Thompson schrieb:
> > On Nov 17 2008, Res wrote:
> >
> >> On Sun, 16 Nov 2008, Jeff Justice wrote:
> >>
> >>> Well, first part solved. I forgot to change the IP address of our
> >>> nameserver at the registrar. Secondary is still not updating though.
> >>
> >>> options { directory "/opt/local/etc/named/";
> >>> listen-on port 53 { 127.0.0.1;74.87.108.83; };
> >>> pid-file none; statistics-file "named.stats";
> >>> datasize 20M; allow-recursion { localnets; };
> >>> allow-transfer { any;
> >>> };
> >>> };
> >>
> >> Ack! allow-transfer should never be any
> >
> > What, never? Why not?
> >
> Security issue! You really want everyone to download your zone(s)?
That is a decision for each operator to make. The ability to
transfer a zone is not by itself a security issue.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED]
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
