[dns-operations] Use of Views/ACLs to defeat DNS rebinding/pinning attacks?

Lutz Donnerhacke lutz at iks-jena.de
Wed Aug 8 07:21:32 UTC 2007


* Roland Dobbins wrote:
>> i.e. If you make a DNS request, and get a well formed answer, it is the
>> requestors responsibility to make sense of the response.
>
> How does this jive with changing the default BIND 9 behavior to disallow
> recursive requests from outside the IP addresses contained in one's zone
> files?

Many hosting and access providers have to deal with customers which run
their own domains outside and point to internal IPs of the provider.



More information about the dns-operations mailing list