这个name.conf文件配置有漏洞吗?
这个name.conf文件配置有漏洞吗?
看看下面这个name.conf文件配置有漏洞吗?
acl bogusnets { // ACL for bogus networks
0.0.0.0/8; // default wild card addresses
1.0.0.0/8; // reserved addresses
2.0.0.0/8; // reserved addresses
169.254.0.0/16; // link-local delegated addresses
192.0.2.0/24; // sample address, like example.com
224.0.0.0/3; // multicast address space
};
acl "mylan" {
127/8;
192.168.1.0/24;
};
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
allow-query {192.168.1.0/24;};
blackhole { bogusnets; };
};
controls {
inet 127.0.0.1 port 953
allow { localhost ;} keys { "rndc-key";};
};
include "/etc/named.rfc1912.zones";
view "internal" {
match-clients { "mylan";};
recursion yes;
zone "pereny.org" {
type master;
file "internal/pereny.org.zone";
allow-transfer { 192.168.1.0/24; };
};
zone "1.168.192.in-addr.arpa" {
type master;
file "internal/192.168.1.zone";
allow-transfer { 192.168.1.0/24; };
allow-update {none;};
};
};
include "/etc/rndc.key";
评论暂时关闭