Solved

reverse lookup in bind_8.1.2

Posted on 1998-07-16
3
235 Views
Last Modified: 2013-12-23
I want to eliminate the possibility of receiving the name of a host after querying the ip address from my dns.
How do i do it ?
0
Comment
Question by:sboaz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 2

Expert Comment

by:blowfish
ID: 1583018
Could you try providing more detail?  Are you the DNS admin for the domains you are trying to restrict?  Are you trying to prevent your own users from getting this information, or are you trying to prevent Internet users.  Could you give us a scenario or two.  I can probably answer this, but I'm not sure who you're trying to restrict.  
0
 

Author Comment

by:sboaz
ID: 1583019
i am the  domain manager, i don"t want to give the internet users the possibility to extract a computer name from a query on an IP  address.
i  tried two ways
1. according to documents if my options block does not include "fake-iquery yes" than the inverse query is disabled.
I have no such option and therefore I assume that inverse query is disabled. However, after I queried an IP address to my amazement i received the computer name.

2. I deleted most of the reverse lookup db records and of course disabled the inverse query option. However, this is not a satisfactory solution.
I am looking for a more sofisticated solution.

Any help in the above matter would be greatly appreciated (and of course there are the 100 points at stake !!)


0
 
LVL 1

Accepted Solution

by:
mohammedg earned 100 total points
ID: 1583020
Two ways I can think of doing this:

1. Eazy Way: is to have two DNS servers one is a Primary for your domain, and the other is a secondary. The secondary server is the one that will be queried by the outside world (NOT THE PRIMARY), your primary will be used internaly only.
So all the secondary has to do is get the zones it needs, (i.e. it should not get the reverse lookup zone from the primary).

2. Hard Way: is of course to construct a firewall, and stop incoming DNS queries to your network, by disabling packets on port #157 (Check the port number) . But this will stop all kind of DNS request into your domain, and only allow requests to go out.

0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses
Course of the Month11 days, 13 hours left to enroll

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question