An attacker can easily convince a client with access to the trusted view to perform queries on its behalf, in countless ways. He can send the trusted client a trojan to install Backorifice. Or he can simply send him an email and convince the trusted client to reply. Or send him a link. Or put his link in a website the client is likely to visit. So I am not quite sure what the trusted view protects against. Anyone can still get a malicious recursive query to the internal view if they really want to. --On Friday, November 30, 2001 11:18 AM -0600 Rob Thomas <robt@cymru.com> wrote:
Hi, all.
Hopefully this is reasonably on topic. :) I have made version 3.1 of the Secure BIND Template available here:
http://www.cymru.com/~robt/Docs/Articles/secure-bind-template.html
It has been reviewed by minds greater than mine. The mistakes are all my own. :) Comments and feedback are always welcome! Be the first in your netblock to join the CREDITS section. :)
Thanks, Rob. -- Rob Thomas http://www.cymru.com/~robt ASSERT(coffee != empty);
--- "The avalanche has already begun. It is too late for the pebbles to vote." -- Kosh