G T Smith wrote:
Ouch! If this is hosting the authorative master zone for the domain this means you may have inadvertently broken your domain. I am not certain this is a choice in this case...
I think it is possible to configure the DNS to act as a cache forwarder for local workstations, and to reply to requests for info about ricreig.com from external locations. It should also be possible to configure the logs so that the denied requests are kept in a separate log...
The DNSStuff.com report shows the outside world can get the records, including reverse DNS info. The log exerpt was a bad choice where I had temporarily closed the DNS to the outside. I am not concerned about the size of the log, I know several ways to erase files :) What I am concerned about is DNS security. I have read several whitepapers on the subject where DNS servers are under attack from script-kiddies so slowly, but surely I will be converting to a split DNS topography where there is a public side and a private side but in both cases, detecting the attack and dynamically responding to it is a desirable goal. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org