I'm running BIND name server under Windows 2k and I don't particually want the DOS window open all
the time in my taskbar. Is there a way to run the named.exe in the background?
Right now I used named -f to start it and the DOS window is in my taskbar.
Also, any basic security issues for which I should be aware. I read the BIND documentation and it
suggests using ACL lists to prevent spoofing attacks. Here is there example.
acl bogusnets { 0.0.0.0/8; 1.0.0.0/8; 2.0.0.0/8; 192.0.2.0/24; 224.0.0.0/3; 10.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; };
acl our-nets { x.x.x.x/24; x.x.x.x/21; };
options {
...
...
allow-query { our-nets; };
allow-recursion { our-nets; };
...
blackhole { bogusnets; };
...
};
How does this look?
One of the ACLs has this acl our-nets { x.x.x.x/24; x.x.x.x/21; }; I'm just curious if that means everyone
is allowed ports 21 and 24. If so, why ports 21 and 24? I though the DNS was using port 53.
Thanks,
J
the time in my taskbar. Is there a way to run the named.exe in the background?
Right now I used named -f to start it and the DOS window is in my taskbar.
Also, any basic security issues for which I should be aware. I read the BIND documentation and it
suggests using ACL lists to prevent spoofing attacks. Here is there example.
acl bogusnets { 0.0.0.0/8; 1.0.0.0/8; 2.0.0.0/8; 192.0.2.0/24; 224.0.0.0/3; 10.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; };
acl our-nets { x.x.x.x/24; x.x.x.x/21; };
options {
...
...
allow-query { our-nets; };
allow-recursion { our-nets; };
...
blackhole { bogusnets; };
...
};
How does this look?
One of the ACLs has this acl our-nets { x.x.x.x/24; x.x.x.x/21; }; I'm just curious if that means everyone
is allowed ports 21 and 24. If so, why ports 21 and 24? I though the DNS was using port 53.
Thanks,
J