named (bind) curiosity: syslog full of these similar messages
Hi all,
I have been running a Slackware 10.2 server for two months now, with some services online, including ftp, apache, mail and DNS with a bunch of registered domains. Everything fine :p While looking at the logs, I've noticed that /var/log/syslog is damn full of this kind of message (I modified the green parts for privacy/security reasons):
Quote:
I did some googlish research and here, I found a text that tries to explain what the name server is doing (not the proper version but it seems to fit)
Quote:
What is a dynamic update? I guess it is OK to deny them, for security's sake (or something...) While going online, a consultant and friend of mine suggested that I should add these options to the /etc/named.conf file:
Code:
options {
What am I denying? |
Here, those error messages are caused by Windows boxes using DHCP with the "Register this connection's addresses in DNS" flag set under Advanced TCP/IP Settings (on the DNS tab). I'd expect any DHCP setup to have that option somewhere.
The allow-transfer { 127.0.0.1; }; statement just means that nobody can transfer the zone information from the server. You may also be restricting with the allow-update and/or allow-update-forwarding statements (or it's the default, I'm not sure), which is why the update requests are causing the error message. There's some info on the named.conf settings at http://www.zytrax.com/books/dns/ch7/ - it includes sections on all of the available settings. |
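One way to find which clients are sending the refused dynamic updates described in the reply above, as an added example that is not code from the thread: the script tallies denied update requests per client and zone. The log lines are constructed, and the message layout is an assumption based on BIND 9's usual "update ... denied" wording, since the thread's own log excerpt is not shown.

```python
import re
from collections import Counter

# Constructed sample syslog lines (not from the thread; addresses are
# documentation ranges). The message layout is an assumption based on BIND 9.
SAMPLE_LOG = """\
Mar  3 10:15:01 ns1 named[812]: client 192.0.2.21#1031: update 'example.com/IN' denied
Mar  3 10:15:01 ns1 named[812]: client 192.0.2.21#1033: update '2.0.192.in-addr.arpa/IN' denied
Mar  3 10:20:44 ns1 named[812]: client 192.0.2.57#1102: update 'example.com/IN' denied
Mar  3 10:21:09 ns1 named[812]: client 192.0.2.21#1040: view internal: update 'example.com/IN' denied
Mar  3 10:22:30 ns1 named[812]: client 198.51.100.9#4021: update forwarding 'example.org/IN' denied
Mar  3 10:23:00 ns1 named[812]: client 192.0.2.57#1103: query (cache) 'www.example.net/A/IN' denied
Mar  3 10:24:12 ns1 sshd[901]: Accepted publickey for admin from 192.0.2.5 port 50122
"""

# Tolerates an optional client object pointer, optional "(name)" and optional
# "view X:" prefix, which some BIND 9 releases add to the same message.
DENIED_UPDATE = re.compile(
    r"named\[\d+\]: client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9A-Fa-f:.]+)#\d+"
    r"(?: \([^)]*\))?: (?:view \S+: )?"
    r"update(?: forwarding)? '(?P<zone>[^'/]+)/\w+' denied"
)

def summarize_denied_updates(lines):
    """Count refused dynamic-update requests per (client IP, zone)."""
    counts = Counter()
    for line in lines:
        m = DENIED_UPDATE.search(line)
        if m:
            counts[(m.group("ip"), m.group("zone"))] += 1
    return counts

def noisy_clients(counts, threshold=2):
    """Clients with at least `threshold` refused updates, busiest first."""
    per_client = Counter()
    for (ip, _zone), n in counts.items():
        per_client[ip] += n
    return [(ip, n) for ip, n in per_client.most_common() if n >= threshold]

if __name__ == "__main__":
    counts = summarize_denied_updates(SAMPLE_LOG.splitlines())
    for (ip, zone), n in sorted(counts.items()):
        print(f"{ip:15} {zone:24} {n}")
    print("reconfigure first:", noisy_clients(counts))
```

A client that shows up for both a forward zone and a reverse zone is typical of a workstation registering its own A and PTR records, so those hosts are the ones to reconfigure.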
Hi
Thanks for pointing that out, that link was just what I needed. It seems that allow-update { none; }; is the default for all the zones, so it should be secure enough to satisfy my worst paranoid nightmares. It seems that I should blame those windoze boxes for everything... |
Quote:
|
Yeah, but management won't let me have such a thing as a general company policy.
Here, most of the Computing Systems / Informatics department uses windoze for everyday tasks (not me :p) |