Assuming you're not talking about firewall issues, not much. Just make
sure you keep up on the latest version of bind. Configure it
right. Make sure you only allow zone transfers to other DNS servers
who have a need to know. Turn on logging information and make sure to
actually monitor the logs that are generated -- perl scripts really
help with that. Get the DNS and Bind book from O'Reilly and
Associates. It is currently in 3rd ed. Finally, visit www.rfc-editor.org
and do a search on DNS to get the DNS related RFC's and read through
the relevant ones. (You'll get something like 57 documents back, not all
of which will matter to you.)
-Steve
Who speaks for himself, not his employer.
On Mon, Aug 23, 1999 at 06:25:25PM +0500, Arshad Mahmood wrote:
>
> Hi all,
>
> I want to ask about security issues that are related to a DNS
> Server in an ISP setup. If this is not the list to discuss then point me
> to the right mailing list. I want to know about any possible attack. Any
> comments, tutorials related to DNS Security on the web, and information
> will be appreciated.
>
>
>
>
> Arshad Mahmood.
> Assistant Internet Engineer.
> -----------------------------------------------------------------------------
> Sustainable Development Networking Programmee - UNDP
> House 12, Street 85, SectorG-6/4 Phone:92-051-270684
> Islamabad Pakistan.
> Email:[EMAIL PROTECTED]
> ----------------------------------------------------------------------------
>
>
>
>
>
>
>
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-net" in
> the body of a message to [EMAIL PROTECTED]
--
______________________________________________________________________________
Steve Shah ([EMAIL PROTECTED]) | Alteon Web Systems Inc. (Developer/Sysadmin)
http://www.alteon.com | Voice: 408.360.5653 Fax: 408.360.5500
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Life is best measured in beats per minute. How alive are you? -SjS
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
