Results 1 to 5 of 5

Thread: Stop listing all records in DNS zone

  1. #1
    Join Date
    Aug 2005
    Location
    Spain
    Posts
    689

    Stop listing all records in DNS zone

    Hello,

    How can you prevent people listing your entire dns zone using nslookup?

    recursion no; in options is not stopping this.

    Thanks!
    New CyberAdmin Skin! DirectAdmin is just not the same without CyberAdmin skin. Give your customers the best web hosting control panel with the best skin in the market!

    Whitelabel,Responsive,Beautiful,3 Intelligent navigation methods and maintained by professionals. Check it out:
    Spanish: http://www.cyberneticos.com/cyberadmin.php
    English : http://www.cyberneticos.com/en/cyberadmin.php

  2. #2
    Join Date
    Aug 2005
    Location
    Spain
    Posts
    689
    ok I now have this set, and it stopped me from getting the list:

    allow-transfer { none;};
    version "[null]";

    But I am not sure what side effects this could have. Will this prevent multiserver setups from syncing ? Or is this ok?

    Any help is greatly appreciated.
    New CyberAdmin Skin! DirectAdmin is just not the same without CyberAdmin skin. Give your customers the best web hosting control panel with the best skin in the market!

    Whitelabel,Responsive,Beautiful,3 Intelligent navigation methods and maintained by professionals. Check it out:
    Spanish: http://www.cyberneticos.com/cyberadmin.php
    English : http://www.cyberneticos.com/en/cyberadmin.php

  3. #3
    Join Date
    Aug 2005
    Location
    Spain
    Posts
    689
    Ok, I ran a test and seems like multiserver is working. All servers involved in the multisetup have those same named options.

    Can anyone confirm that these options are not going to mess anything else up that I could be missing ?

    Thanks!
    New CyberAdmin Skin! DirectAdmin is just not the same without CyberAdmin skin. Give your customers the best web hosting control panel with the best skin in the market!

    Whitelabel,Responsive,Beautiful,3 Intelligent navigation methods and maintained by professionals. Check it out:
    Spanish: http://www.cyberneticos.com/cyberadmin.php
    English : http://www.cyberneticos.com/en/cyberadmin.php

  4. #4
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    11,023
    That's OK,

    allow-transfer defines a match list e.g. IP address(es) that are allowed to transfer (copy) the zone information from the server (master or slave for the zone). The default behaviour is to allow zone transfers to any host. While on its face this may seem an excessively friendly default, DNS data is essentially public (that's why its there) and the bad guys can get all of it anyway. However if the thought of anyone being able to transfer your precious zone file is repugnant, or (and this is far more significant) you are concerned about possible DoS attack initiated by XFER requests, then use the following policy.
    Multiserver function does not use bind to transfer zones, all updates and transfers are done directly via directadmin API.
    With regards, Alex.

    Professional Server Management for web hosting companies and individuals
    Hourly Support, Disaster Recovery, Server Hardening, Monthly Subscription
    Directadmin installation and optimization

    Click here if you need a Linux Admin

  5. #5
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,123
    Or in other words, as long as you're using the Multiserver option to manage your authoritative DNS on multple servers you won't have a problem. If you switch to using BIND to slave zones (as in my Master2Slave DNS Replicator (which doesn't require a DirectAdmin license on your DNS server[s]), you'll need to use the IP#s of the slave nameservers instead of none).

    Jeff
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

Similar Threads

  1. Replies: 0
    Last Post: 02-22-2011, 12:28 AM
  2. stop the spam- stop mail
    By tza in forum E-Mail
    Replies: 3
    Last Post: 05-27-2010, 12:25 PM
  3. MultiServer Setup, Zone records dont get updated????
    By pucky in forum General Technical Discussion & Troubleshooting
    Replies: 3
    Last Post: 09-26-2006, 11:05 AM
  4. DNS Zone Files and SPF Records
    By D9R in forum Feedback & Feature Requests
    Replies: 6
    Last Post: 12-19-2005, 10:41 AM
  5. ablity to not setup dns zone records on domain(s)
    By ProHS in forum Feedback & Feature Requests
    Replies: 6
    Last Post: 02-20-2004, 07:02 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •