Russell,
On Sun, 30 Dec 2001, Russell Coker wrote:
Also don't allow recursion from outside machines.
Why does this help?
Another possibility is to have the port for outgoing connections be something
other than 53 (54 seems unused) and use iptables or ipchains to block data
from the
The eaisest and most failsafe way to secure bind is to install djbdns.
Google is your friend.
-Tech
On Sun, 30 Dec 2001, Petre Daniel wrote:
Well,i know Karsten's on my back and all,but i have not much time to
learn,and too many things to do at my firm,so i am asking if one of you has
any
Previously P Prince wrote:
The eaisest and most failsafe way to secure bind is to install djbdns.
And the simple answer to that is:
1. bind is not DFSG-free and not packaged for Debian which makes it
off-topic here.
2. replacing bind is not the same thing as securing it, which was
the
[EMAIL PROTECTED] (Wichert Akkerman) writes:
Previously P Prince wrote:
The eaisest and most failsafe way to secure bind is to install djbdns.
And the simple answer to that is:
1. bind is not DFSG-free and not packaged for Debian which makes it
off-topic here.
s/bind/djbdns/
On Sun, Dec 30, 2001 at 06:49:34PM +0100, Wichert Akkerman wrote:
Previously P Prince wrote:
The eaisest and most failsafe way to secure bind is to install djbdns.
And the simple answer to that is:
1. bind is not DFSG-free and not packaged for Debian which makes it
off-topic here.
May
On Sunday 30 December 2001 18:46, P Prince wrote:
The eaisest and most failsafe way to secure bind is to install djbdns.
If you have nothing to say - do not speak.
--
Configuration options for BIND are listed on
http://www.isc.org/products/BIND/docs/config/
List of URL that might be usefull
thank you all very much.
you're right.if one doesn't have anything useful to say i'll recommand him
to let others help..
thx guys.
At 10:02 PM 12/30/01 +0100, jernej horvat wrote:
On Sunday 30 December 2001 18:46, P Prince wrote:
The eaisest and most failsafe way to secure bind is to install
Russell,
On Sun, 30 Dec 2001, Russell Coker wrote:
Lots of good stuff snipped
Please read my messages carefully before flaming me.
Ack! My apologies. Poor reading and poor wording.
DNS cache machine sents out requests from source port 54 (not obscure - every
administrator of
I found this in message log,what it is
Dec 30 06:50:55 debian syslogd 1.3-3#33.1: restart.
Dec 30 07:13:36 debian -- MARK --
Dec 30 07:33:36 debian -- MARK --
Dec 30 07:53:36 debian -- MARK --
Dec 30 08:13:36 debian -- MARK --
Dec 30 08:33:36 debian -- MARK --
Dec 30 08:53:36 debian -- MARK --
On Sun, Dec 30, 2001 at 06:53:38PM +, [EMAIL PROTECTED] wrote:
I found this in message log,what it is
Dec 30 06:50:55 debian syslogd 1.3-3#33.1: restart.
Dec 30 07:13:36 debian -- MARK --
From 'man 8 syslogd':
-m interval
The syslogd logs a mark timestamp regularly.
Well,i know Karsten's on my back and all,but i have not much time to
learn,and too many things to do at my firm,so i am asking if one of you has
any idea how can bind be protected against that DoS attack and if someone
has some good firewall for a dns server ( that resolves names for internal
On Sun, 30 Dec 2001 11:18, Petre Daniel wrote:
Well,i know Karsten's on my back and all,but i have not much time to
learn,and too many things to do at my firm,so i am asking if one of you has
any idea how can bind be protected against that DoS attack and if someone
has some good firewall for a
Russell,
On Sun, 30 Dec 2001, Russell Coker wrote:
Also don't allow recursion from outside machines.
Why does this help?
Another possibility is to have the port for outgoing connections be something
other than 53 (54 seems unused) and use iptables or ipchains to block data
from the
The eaisest and most failsafe way to secure bind is to install djbdns.
Google is your friend.
-Tech
On Sun, 30 Dec 2001, Petre Daniel wrote:
Well,i know Karsten's on my back and all,but i have not much time to
learn,and too many things to do at my firm,so i am asking if one of you has
any
Previously P Prince wrote:
The eaisest and most failsafe way to secure bind is to install djbdns.
And the simple answer to that is:
1. bind is not DFSG-free and not packaged for Debian which makes it
off-topic here.
2. replacing bind is not the same thing as securing it, which was
the
[EMAIL PROTECTED] (Wichert Akkerman) writes:
Previously P Prince wrote:
The eaisest and most failsafe way to secure bind is to install djbdns.
And the simple answer to that is:
1. bind is not DFSG-free and not packaged for Debian which makes it
off-topic here.
s/bind/djbdns/
Wichert Akkerman wrote:
And the simple answer to that is:
1. bind is not DFSG-free and not packaged for Debian which makes it
off-topic here.
You mean djbdns, of course.
2. replacing bind is not the same thing as securing it, which was
the question.
There is a small presentation
Jor-el wrote:
Another possibility is to have the port for outgoing connections be
something
other than 53 (54 seems unused) and use iptables or ipchains to block data
from the outside world coming to port 53.
[...]
Of course, in the case of DNS servers, you could be OK, since you
On Sun, Dec 30, 2001 at 12:46:55PM -0500, P Prince wrote:
The eaisest and most failsafe way to secure bind is to install djbdns.
Troll.
Google is your friend.
-Tech
On Sun, 30 Dec 2001, Petre Daniel wrote:
Well,i know Karsten's on my back and all,but i have not much time to
On Sun, Dec 30, 2001 at 06:49:34PM +0100, Wichert Akkerman wrote:
Previously P Prince wrote:
The eaisest and most failsafe way to secure bind is to install djbdns.
And the simple answer to that is:
1. bind is not DFSG-free and not packaged for Debian which makes it
off-topic here.
May
On Sunday 30 December 2001 18:46, P Prince wrote:
The eaisest and most failsafe way to secure bind is to install djbdns.
If you have nothing to say - do not speak.
--
Configuration options for BIND are listed on
http://www.isc.org/products/BIND/docs/config/
List of URL that might be usefull
thank you all very much.
you're right.if one doesn't have anything useful to say i'll recommand him
to let others help..
thx guys.
At 10:02 PM 12/30/01 +0100, jernej horvat wrote:
On Sunday 30 December 2001 18:46, P Prince wrote:
The eaisest and most failsafe way to secure bind is to install
On Sun, 30 Dec 2001, P Prince wrote:
The eaisest and most failsafe way to secure bind is to install djbdns.
Because after djbdns, bind 4.2 looks like a pinnacle of security...
Google is your friend.
Apparently it didn't get you a clue...
-Tech
On Sun, 30 Dec 2001, Petre Daniel wrote:
Russell,
On Sun, 30 Dec 2001, Russell Coker wrote:
Lots of good stuff snipped
Please read my messages carefully before flaming me.
Ack! My apologies. Poor reading and poor wording.
DNS cache machine sents out requests from source port 54 (not obscure - every
administrator of every
I found this in message log,what it is
Dec 30 06:50:55 debian syslogd 1.3-3#33.1: restart.
Dec 30 07:13:36 debian -- MARK --
Dec 30 07:33:36 debian -- MARK --
Dec 30 07:53:36 debian -- MARK --
Dec 30 08:13:36 debian -- MARK --
Dec 30 08:33:36 debian -- MARK --
Dec 30 08:53:36 debian -- MARK --
On Sun, Dec 30, 2001 at 06:53:38PM +, [EMAIL PROTECTED] wrote:
I found this in message log,what it is
Dec 30 06:50:55 debian syslogd 1.3-3#33.1: restart.
Dec 30 07:13:36 debian -- MARK --
From 'man 8 syslogd':
-m interval
The syslogd logs a mark timestamp regularly.
On Sun, 30 Dec 2001, John Galt wrote:
On Sun, 30 Dec 2001, P Prince wrote:
The eaisest and most failsafe way to secure bind is to install djbdns.
Because after djbdns, bind 4.2 looks like a pinnacle of security...
John,
Enlighten me please. I've heard a few things about the
27 matches
Mail list logo
