[AusNOG] Botnet??
Dobbins, Roland
rdobbins at arbor.net
Sun Jul 29 12:11:33 EST 2012
On Jul 29, 2012, at 8:22 AM, Heinz N wrote:
> (2) Use 2 name servers. One for your internal clients/trusted IPs and another for external IPs to query domains who you are authorative for. Allow recursive for internal but turn it off for external. Allow any external secondary DNS server UDP and TCP port 53 access for zone
> transfers.
Recursive & authoritative functionality should be separated, as well:
<http://dl.dropbox.com/u/25235895/dnstiers.jpg>
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
More information about the AusNOG
mailing list