On Wed, Jul 29, 2009 at 02:10:56PM -0500, Chris Boyd wrote: > > On Jul 29, 2009, at 11:21 AM, Karanbir Singh wrote: > > > yes, which is one of many reasons why a zone masters is usually > > setup to > > not be publicly available. > > > The localhost 127.0.0.1 zone can also be used as an attack vector > according to the folks on the DNS Ops list, so it's looking like > pretty much every bind installation will need to be updated. > > --Chris Do you have a link to a mailing lists post describing this? Would like to pass it along... Ray