Web Hosting Talk

disallow zone transfer?


beowulfdk
12-01-2002, 01:32 AM
Hello,

When I do a detailed DNS lookup on my domains, it returns the whole zone, that is, mail.mydomain.com, ftp.mydomain.com, localhost.mydomain.com etc. I've tried this on other sites as well, and on most sites it cannot perform a zone transfer. Now what I was wondering is: how do I disallow zone transfers to outside sources? It's a managed dedicated server, using nameservers on the server itself: ns2.mydomain.com, ns2.mydomain.com.

mind21_98
12-01-2002, 03:01 AM
In BIND 8/9, you can include something like this in /etc/named.conf (added line marked with a comment):

    zone "translator.cx" {
        type master;
        file "/var/named/translator.cx.db";
        allow-transfer { 127.0.0.1; };   // added line
    };

After you restart it, zone transfers should be disabled. I hope that helps.

dandanfirema
12-01-2002, 07:21 AM
Or if you want to do this on a serverwide basis, add the following near the top of your /etc/named.conf:

    options {
        allow-transfer { 127.0.0.1; };
    };
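
Added example, not part of any post in this thread: a small Python audit that reads a named.conf and reports, per zone, whether an allow-transfer list is set in the zone block or inherited from the options block, as the two posts above describe. The sample configuration and the function names (blocks, transfer_acl, audit) are constructed for illustration; zones marked 'unset' fall back to whatever the server's built-in default is.

```python
import re

# Constructed sample named.conf (not from the thread). Only example.com
# carries the restrictive allow-transfer line shown in the posts above.
SAMPLE_CONF = '''
options { directory "/var/named"; };
zone "example.com" {
    type master;
    file "/var/named/example.com.db";
    allow-transfer { 127.0.0.1; };   // restricted to localhost
};
zone "example.net" { type master; file "/var/named/example.net.db"; };
zone "example.org" IN {
    type master;
    file "/var/named/example.org.db";
    allow-transfer { any; };
};
'''

def blocks(text, keyword):
    """Yield (name, body) for every `keyword ["name"] { ... }` block."""
    for m in re.finditer(r'\b%s\b\s*(?:"([^"]*)")?[^{;"]*\{' % keyword, text):
        depth, i = 1, m.end()
        while depth and i < len(text):          # walk to the matching brace
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]

def transfer_acl(body):
    """Return the allow-transfer address list in body, or None if unset."""
    m = re.search(r'\ballow-transfer\s*\{([^}]*)\}', body)
    if m is None:
        return None
    return [a.strip() for a in m.group(1).split(';') if a.strip()]

def audit(conf):
    """Map each master/slave zone to 'unset', 'open' or 'restricted'."""
    # Simplification: comment markers inside quoted strings are not handled.
    text = re.sub(r'/\*.*?\*/|//[^\n]*|#[^\n]*', '', conf, flags=re.S)
    server_wide = None
    for _, body in blocks(text, 'options'):
        server_wide = transfer_acl(body)        # options-level setting
    result = {}
    for name, body in blocks(text, 'zone'):
        if not re.search(r'\btype\s+(master|primary|slave|secondary)\b', body):
            continue
        acl = transfer_acl(body)
        acl = server_wide if acl is None else acl   # zone overrides options
        result[name] = ('unset' if acl is None
                        else 'open' if 'any' in acl else 'restricted')
    return result
```

Run `audit(open('/etc/named.conf').read())` on the server; any zone reported as 'unset' or 'open' has no restriction configured in the file itself.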

bwho2
12-01-2002, 07:25 AM
By default, the latest versions of BIND 8 and 9 disallow zone transfers to outside hosts. You don't need to do anything to block global transfers.

beowulfdk
12-01-2002, 01:30 PM
Thank you for your replies.

I'm going to try this out tonight :)