Hello,
Quick question about the named.conf file.
In the named.conf file (on a newly installed server) with a single domain running dns as well, please see the content of the file below.
Note there is an entry for a IP (174.132.240.146) at bottom that i didnt do… Does this mean the servers already been compromised? Should i edit this file somehow? (not sure what to change) Thank you!
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 {
any;
};
listen-on-v6 port 53 {
any;
};
directory “/var/named”;
dump-file “/var/named/data/cache_dump.db”;
statistics-file “/var/named/data/named_stats.txt”;
memstatistics-file “/var/named/data/named_mem_stats.txt”;
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
};
logging {
channel default_debug {
file “data/named.run”;
severity dynamic;
};
};
zone “.” IN {
type hint;
file “named.ca”;
};
include “/etc/named.rfc1912.zones”;
zone “mydomain.net” {
type master;
file “/var/named/mydomain.net.hosts”;
allow-transfer {
127.0.0.1;
localnets;
174.132.240.146;
};
};