FreeBSD 7.0 with BIND 9.4 issue
Chuck Swiger
cswiger at mac.com
Fri Feb 29 20:20:23 UTC 2008
On Feb 29, 2008, at 9:21 AM, Abdullah Ibn Hamad Al-Marri wrote:
> I need to make named do nslookup for any host from outside my
> network, but I faild to make it work as in older versions of BIND.
>
> [17:20](arabian2005 at ns2)[~]> nslookup www.google.com ns3.wearab.net
> Server: NS3.WeArab.Net
> Address: 66.90.105.114
Add:
allow-recursion { any; };
...to the options section of named.conf. Note that this greatly
increases the risk of people misusing the server via cache spoofing
attacks; you are much better off specifying a more limited set of
networks which are permitted to make recursive queries.
--
-Chuck
More information about the freebsd-questions
mailing list