Hello! You can reconfigure BIND so that it only answers to requests from your company's network only. If recursiv resolving is what you mean. I suggest you to use D. J. Bernstein's djbdns. It's small, fast, reliable and secure. check it out - cr.yp.to/djbdns.html I use it myself and suggest it to others also.. You will save yourself soem time if you use djbdns. It's way simpler to manage tinydns data files than it is to mess around with BIND zone files.
-- Martin 'pisi' Paljak / freelancer consultant [EMAIL PROTECTED] / pisi.pisitek.com www.pisitek.com On Sat, 3 Nov 2001, Thedore Knab wrote: > It has recently came to my attention that anyone can use our company's nameservers. > > I recently setup my home machine to use the company's nameserver to confirm this. > > I was wondering if there was anyway to prevent people from using our company's NS >for their personal servers ? > > Would the extra traffic generated cause any problems on our network that I may not >be aware of ? > > ------------------------------------------------ > Test Confirmation that our NS is open to world: | > ------------------------------------------------ > > ----------------------- > Step one: lookup name | > ----------------------- > > mylinux machine$ whois ourdomain.com > Whois Server Version 1.3 > > Domain names in the .com, .net, and .org domains can now be registered > with many different competing registrars. Go to http://www.internic.net > for detailed information. > > Domain Name: ournameserver.com > Registrar: NETWORK SOLUTIONS, INC. > Whois Server: whois.networksolutions.com > Referral URL: http://www.networksolutions.com > Name Server: NS1.ournameserver.net > Name Server: NS2.ournameserver.net > Updated Date: 27-oct-2001 > > ---------------------------------------------------- > Step two: change /etc/resolv.conf to the following | > ---------------------------------------------------- > > search ournameserver.com > nameserver 123.123.123.123 # nameserver1 > nameserver 123.123.123.134 # nameserver2 > > ------------------------- > Step three: sample run | > ------------------------- > > mylinux machine$ nslookup www.debian.org > > Server: ournameserver.com > Address: 123.123.123.123 > > Non-authoritative answer: > Name: www.debian.org > Address: 198.186.203.20 > > mylinux machine$ > > ---------------------- > GNU PGP public key > http://www.annapolislinux.org/docs/public_key/GnuPG.txt > --------------------- > Ted Knab > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
