>Subject: Denying DNS services
>Author: "Jan (Monk) Vandenbos" <jan @
com> at internet-mail
>Date: 12/12/95 5:17 AM
>Does anyone know how I can refuse access to my nameservers
>to certain sites?
>Ie: if my nameserver is foo.bar.com (named) (dns)
>can I reject
>x.x.x.x from access it, or using it to resolve?
What are you protecting? How much is that information worth to you?
Why? The next level up your dns tree needs a copy of your some of your dns data
so unless you deny access all the way up you've only stopped them (who?) from
getting the infomation from your dns server. It appears that the information is
is still available. Now if you are in control all the way to the top of the tree
to the ROOT dns server thats different.
Donald J Smith
Network Security Engineer @Computing Devices International
"@begin design in the security and
ease_of_use != A*(1/Data_Security)"
(my opinions are mine and so are the spelling errors ;-)