Carlo
----------
> De: Kurt Schafer <kahuna@cyberbeach.net>
> Para: RadiusNT@iea-software.com
> Assunto: Re: DNS question
> Data: Segunda-feira, 16 de Março de 1998 15:11
>
> I'm almost positive you can edit your DNS server so that only authorized
> hosts can do zone transfers while still being able to query the server
for
> addresses from unauthorized hosts.
>
> ie, if you have a zone file that looks like this
>
> www.domain.com IN A 192.168.0.1
> ftp.domain.com IN A 192.168.0.2
> mail.domain.com IN A 192.168.0.3
> topsecretmachine.domain.com IN A 192.168.0.4
>
> you can set up your DNS server to resolve addresses that people ask for
> (like www.domain.com) but to not let people actually download your entire
> zone file. (and thereby be able to find out about the topsecretmachine)
>
> If you run BIND on a unix host, grab the latest version and go through
the
> docs. If you run MS-DNS, I have no idea but I'm sure if the functionality
> exists, it can't be too hard to find it. If you run a Cisco router, I
think
> you can implement some of this in access lists as well.
>
> = K
>
> -----Original Message-----
> From: Carlo Gibertini <carlo@nw.com.br>
> To: RadiusNT@iea-software.com <RadiusNT@iea-software.com>
> Date: Saturday, March 14, 1998 8:25 AM
> Subject: DNS question
>
>
> >I have a doubt: How can I configure DNS so that it won't show address
> >records to strangers outsiders of my network?
> >
> >I can do this ?
> >
> >Thanks,
> >
> >Carlo
> >
> >
> >
> > ----------------------------------------------------------
> > RadiusNT Mailing List lists@iea-software.com
> >
> >
>
>
> ----------------------------------------------------------
> RadiusNT Mailing List lists@iea-software.com
>