Tuesday , 25 June 2019
Breaking News
Home » WWW (page 258)


Restricting Zone Transfers

Another way to keep a primary or secondary DNS server secure is to restrict zone transfers to authorized sources only. By default, the “Allows zone transfer” checkbox is enabled for each zone created, which means that anyone who can issue queries against a server can also request a copy of the entire zone file. This is an especially bad security risk when a server is world-accessible. You should configure named to allow zone transfers only to authorized secondary DNS servers. Locking down zone transfers also prevents denial of service (DoS) by zone transfer to unexpected hosts. There are two ways ... Read More »

About the Domain Name System

Originally, computers performed name-to-address mapping via a simple text file, the hosts file, which contained a list of every machine that needed to be referenced by name. Using the hosts file, a computer could resolve a lookup. Every computer had a copy of the hosts file. If an IP address changed for any machine in that file, the reference would need to be changed in the hosts file and every computer’s hosts file would need to be updated to reflect the change. Clearly, the number of machines on the Internet today makes this an impossible task. The Domain Name System ... Read More »