Windows NT 4.0 DNS Server Default Zone Security Settings (193837)
The information in this article applies to:
- Microsoft Windows NT Server 4.0
This article was previously published under Q193837 SUMMARY
The default setting for Zone Security in the DNS server included with
Microsoft Windows NT Server is to allow zone transfer request from any
client. This allows easier configuration and setup of a new DNS server. The
default settings may allow unauthorized or undesired read access to the DNS
Zone information. A client may request a zone transfer with the Nslookup
utility, or by configuring a secondary zone on a DNS server. To restrict
access, you can configure the Microsoft DNS server to "Only allow access
from secondaries included on the notify list." This setting will limit
access to the DNS server's zone information to IP addresses specified in
the notify list. This parameter is on a per-zone basis; therefore, zones
must be individually configured.
Modification Type: | Major | Last Reviewed: | 10/24/2002 |
---|
Keywords: | kbinfo KB193837 |
---|
|