On Thu, Mar 17, 2011 at 07:50:41PM +0530, babu dheen wrote: ... > Can anyone let me know whether company Internal DNS server should respond to > ROOT DNS query. When i execute # dig . NS @my-company-name-server query I am > getting complete response > > Let me know whether enabling ROOT DNS query is a security threat. For more > informaton can you read and help us to securely configure our company > internal Windows DNS server and its impact of disabling it. > ...
Babu Dheen, If you had a private internet with its own "root" name servers, and supposedly no IP access to the public Internet except via proxied firewalls, and you got this response, you would need to start looking for leaks. In your situation, where you are forwarding queries to the outside world, this response is appropriate and necessary. -- /*********************************************************************\ ** ** Joe Yao j...@tux.org - Joseph S. D. Yao ** \*********************************************************************/ _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users