Am Mittwoch, 9. Juli 2008 22:39 schrieb Rick Moen: > Quoting Wolfgang Jeltsch ([EMAIL PROTECTED]): > > Am Mittwoch, 9. Juli 2008 20:51 schrieb Noah Meyerhans: > > > > I suggest that you install bind9,
> […] > > > > configure it to only listen on 127.0.0.1, > > > > How do I do this? dpkg-reconfigure doesn’t help. > > Although this will require a substantial investment of your time, I > recommend studying > http://www.cymru.com/Documents/secure-bind-template.html , to better > understand how to properly configure and lock down BIND9. Oh no. I just wanted to do a security update. I didn’t want to install bind9 at all. Short question: Is it sufficient if I use iptables with a stateful filter which only allows incoming packets if they are ESTABLISHED, RELATED or have an acceptable TCP destination port (like ssh or http)? I do this anyway. Best wishes, Wolfgang -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]