also sprach Eduard Ballester <[EMAIL PROTECTED]> [2003.03.14.1717 +0100]: > BIND 9.2.x of course,
ugh. > * DNS Security > DNSSEC (signed zones) > TSIG (signed DNS requests) TSIG: there may well be patches to djbdns. However, for internal clients, IPsec is really the way to go. > One server process can provide multiple "views" of the DNS > namespace, e.g. an "inside" view to certain clients, and an > "outside" view to others. djbdns can do that. nevertheless, this is not a feature but a hack. if you need two DNS servers for internal and external hosts, run them separately. there is no reason to make them share a process! > You can configure it in chroote jail > http://www.linuxsecurity.com/docs/LDP/Chroot-BIND-HOWTO.html http://www.bpfh.net/simes/computing/chroot-break.html -- Please do not CC me when replying to lists; I read them! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' : proud Debian developer, admin, and user `. `'` `- Debian - when you have better things to do than fixing a system Keyserver problems? http://keyserver.kjsl.com/~jharris/keyserver.html Get my key here: http://people.debian.org/~madduck/gpg/330c4a75.asc
pgp00000.pgp
Description: PGP signature
