Solved

reverse lookup in bind_8.1.2

Posted on 1998-07-16
3
206 Views
Last Modified: 2013-12-23
I want to eliminate the possibility of receiving the name of a host after querying the ip address from my dns.
How do i do it ?
0
Comment
Question by:sboaz
3 Comments
 
LVL 2

Expert Comment

by:blowfish
Comment Utility
Could you try providing more detail?  Are you the DNS admin for the domains you are trying to restrict?  Are you trying to prevent your own users from getting this information, or are you trying to prevent Internet users.  Could you give us a scenario or two.  I can probably answer this, but I'm not sure who you're trying to restrict.  
0
 

Author Comment

by:sboaz
Comment Utility
i am the  domain manager, i don"t want to give the internet users the possibility to extract a computer name from a query on an IP  address.
i  tried two ways
1. according to documents if my options block does not include "fake-iquery yes" than the inverse query is disabled.
I have no such option and therefore I assume that inverse query is disabled. However, after I queried an IP address to my amazement i received the computer name.

2. I deleted most of the reverse lookup db records and of course disabled the inverse query option. However, this is not a satisfactory solution.
I am looking for a more sofisticated solution.

Any help in the above matter would be greatly appreciated (and of course there are the 100 points at stake !!)


0
 
LVL 1

Accepted Solution

by:
mohammedg earned 100 total points
Comment Utility
Two ways I can think of doing this:

1. Eazy Way: is to have two DNS servers one is a Primary for your domain, and the other is a secondary. The secondary server is the one that will be queried by the outside world (NOT THE PRIMARY), your primary will be used internaly only.
So all the secondary has to do is get the zones it needs, (i.e. it should not get the reverse lookup zone from the primary).

2. Hard Way: is of course to construct a firewall, and stop incoming DNS queries to your network, by disabling packets on port #157 (Check the port number) . But this will stop all kind of DNS request into your domain, and only allow requests to go out.

0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
SSH commands for Nas4free 21 295
server/storage management port connect to catalyst2950 3 53
Link Aggregation 2 31
sync conflicts 1 20
The DSL Parameters part of this article is valid and can be considered with any brand of internet router and modem (Dlink, 3com, Alcatel, Usrobotics, Parks), by accessing the configuration interface available by the manufacturer eg: http://10.1.1.1 …
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now