Author Topic: AXFR vulnerability/ restrict zone transfer  (Read 188 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
AXFR vulnerability/ restrict zone transfer
« on: May 04, 2022, 11:19:16 AM »
Hello,

What is best solution for fixing this?
Atm my named.conf for domain looks like this:

Code: [Select]
// zone domain.com
zone "domain.com" {type master; file "/var/named/domain.com.db";};
// zone_end domain.com

Does it need to look like this or is there any other solution?

Code: [Select]
acl trusted-servers  {
        ip1;  //ns1
       ip2;   //ns2
};
zone domain.com  {
        type master;
        file "/var/named/domain.com.db";
        allow-transfer { trusted-servers; };
};


Thank you in advance