Open resolver: Difference between revisions

From ICO wiki
Jump to navigationJump to search
Rvahtel (talk | contribs)
No edit summary
Mleinaks (talk | contribs)
No edit summary
Line 5: Line 5:
=Bind9 konfigureerimine=
=Bind9 konfigureerimine=


name.conf.options näitefail
named.conf.options näitefail


<source lang="bash">
<source lang="bash">

Revision as of 10:51, 31 March 2011

Teema võetud - Peep Binsol, Rene Vahtel

Sissejuhatus

Bind9 konfigureerimine

named.conf.options näitefail

acl me {192.168.7.0/24;};

options {
        directory "/var/cache/bind";

         forwarders {
                8.8.8.8;
                8.8.4.4;
         };

        allow-recursion { me; };
        allow-query { me; };
        allow-transfer { me; };

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
};


  • acl - access control list, nimekiri võrkudest või ip aadressidest
  • allow-recursion - kas päringud on lubatud "forwarders" nimeserveritesse
  • allow-query - kas päringud on lubatud
  • allow-transafer - kas tsooni transfer on lubatud

Open resolver test

  • Käsurealt küsimine kasutades dig programmi:

Kontrollime nimeserverit 193.40.254.227

dig +short 227.254.40.193.dnsbl.openresolvers.org
127.0.0.2

Juhul kui vastus on 127.0.0.2 siis on tegu openresolveriga.

Teine variant (kontrollitakse masinas kasutatavad nimeserverit):

dig +short amiopen.openresolvers.org TXT
"Your resolver at 193.40.56.245 is CLOSED"

Lingid

  • Ubuntu Bind9 konfigureerimine [1]
  • konfinäide: [2]
  • Openresolver [3]