Jerry Pasker wrote:
Steve Sobol replied with:
I'm not going to enter into a long discussion with you. :)
I'm just curious why you didn't restrict AXFR to certain IPs instead.
And I'm posting back to NANOG:
I did.
And I had router ACLs doing the same thing. Allow to hosts that needed
it, deny for everyone else. And I did this to ALL my DNS servers.
What were the router ACLs doing that the DNS server ACLs weren't/couldn't?
--
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638)
Steven J. Sobol, Geek In Charge / [EMAIL PROTECTED] / PGP: 0xE3AE35ED
"The wisdom of a fool won't set you free"
--New Order, "Bizarre Love Triangle"
