On 28.03.23 18:48, Nyamkhand Buluukhuu wrote:
Like below in named.conf:acl recclients { 43.228.128.2/32; 202.70.32.17/32; 103.29.147.0/29; 103.99.103.0/24; } allow-recursion { recclients; };
Great, this means that only clients with those IP addresses can query your server for non-local information.
So, your server should NOT be part of Amplification attack. (unless you run VERY OLD version of BIND) -- Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. 2B|!2B, that's a question! -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
