Alex Samad <[email protected]> writes:
> On Wed, Jan 28, 2009 at 10:40:14AM +1100, Kyle wrote:
>> Alex Samad wrote:
>> > On Tue, Jan 27, 2009 at 01:15:25PM +1100, Daniel Pittman wrote:
>> >
>> > doesn't stop them getting down my adsl link, but atleast it keeps them
>> > off my dns server :{
>>
>> Which begs the question;
>>
>> IF it is your personal DNS, it is surely only caching the outside
>> world and updating for your internal world. Why have you got 53 open
>> to the outside world in the first place?
>
> its not, its a primary and tertiary for another
The guide to securing bind9 available from the SANS link I posted has a
good template for configuring your system to act safely, even if you use
a single system as a resolver *and* an authoritative DNS server.
I used it, (urgently since my systems were participating) and it has
resolved the issue: rimspace.net no longer responds inappropriately to
outside queries, but is a recursive and authoritative resolver.
I highly recommend their guides.
Regards,
Daniel
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
