Re: Securing bind..

2001-12-30 Thread Jor-el
On Sun, 30 Dec 2001, John Galt wrote: > On Sun, 30 Dec 2001, P Prince wrote: > > >The easiest and most failsafe way to secure bind is to install djbdns. > > Because after djbdns, bind 4.2 looks like a pinnacle of security... > John, Enlighten me please. I've heard a few things about th

Re: strange log

2001-12-30 Thread Noah Meyerhans
On Sun, Dec 30, 2001 at 06:53:38PM +, [EMAIL PROTECTED] wrote:
> I found this in message log, what it is
> Dec 30 06:50:55 debian syslogd 1.3-3#33.1: restart.
> Dec 30 07:13:36 debian -- MARK --
From 'man 8 syslogd':
  -m interval
      The syslogd logs a mark timestamp regularly.

strange log

2001-12-30 Thread d_rob
I found this in message log, what it is
Dec 30 06:50:55 debian syslogd 1.3-3#33.1: restart.
Dec 30 07:13:36 debian -- MARK --
Dec 30 07:33:36 debian -- MARK --
Dec 30 07:53:36 debian -- MARK --
Dec 30 08:13:36 debian -- MARK --
Dec 30 08:33:36 debian -- MARK --
Dec 30 08:53:36 debian -- MARK --

Re: Securing bind..

2001-12-30 Thread Jor-el
Russell, On Sun, 30 Dec 2001, Russell Coker wrote: > Please read my messages carefully before flaming me. Ack! My apologies. Poor reading and poor wording. > > DNS cache machine sends out requests from source port 54 (not obscure - every > administrator of every DNS server on the net

Re: Securing bind..

2001-12-30 Thread John Galt
On Sun, 30 Dec 2001, P Prince wrote: >The easiest and most failsafe way to secure bind is to install djbdns. Because after djbdns, bind 4.2 looks like a pinnacle of security... >Google is your friend. Apparently it didn't get you a clue... >-Tech > >On Sun, 30 Dec 2001, Petre Daniel wrote: > >

Re: Securing bind..

2001-12-30 Thread Petre Daniel
thank you all very much. you're right. if one doesn't have anything useful to say i'll recommend him to let others help.. thx guys. At 10:02 PM 12/30/01 +0100, jernej horvat wrote: On Sunday 30 December 2001 18:46, P Prince wrote: > The easiest and most failsafe way to secure bind is to install

Re: Securing bind..

2001-12-30 Thread Russell Coker
On Sun, 30 Dec 2001 16:17, Jor-el wrote: > On Sun, 30 Dec 2001, Russell Coker wrote: > > Also don't allow recursion from outside machines. > > Why does this help? When someone sends a recursive query to your server then they know (with a good degree of accuracy) what requests are going to be made

Re: Securing bind..

2001-12-30 Thread jernej horvat
On Sunday 30 December 2001 18:46, P Prince wrote: > The easiest and most failsafe way to secure bind is to install djbdns. If you have nothing to say - do not speak. -- Configuration options for BIND are listed on http://www.isc.org/products/BIND/docs/config/ List of URL that might be useful i

Re: Securing bind..

2001-12-30 Thread Nathan E Norman
On Sun, Dec 30, 2001 at 06:49:34PM +0100, Wichert Akkerman wrote: > Previously P Prince wrote: > > The easiest and most failsafe way to secure bind is to install djbdns. > > And the simple answer to that is: > 1. bind is not DFSG-free and not packaged for Debian which makes it >off-topic here.

Re: Securing bind..

2001-12-30 Thread Petre Daniel
thank you all very much. you're right. if one doesn't have anything useful to say i'll recommend him to let others help.. thx guys. At 10:02 PM 12/30/01 +0100, jernej horvat wrote: >On Sunday 30 December 2001 18:46, P Prince wrote: > > The easiest and most failsafe way to secure bind is to instal

Re: Securing bind..

2001-12-30 Thread Jacob Elder
On Sun, Dec 30, 2001 at 12:46:55PM -0500, P Prince wrote: > The easiest and most failsafe way to secure bind is to install djbdns. Troll. > > Google is your friend. > > -Tech > > On Sun, 30 Dec 2001, Petre Daniel wrote: > > > Well, i know Karsten's on my back and all, but i have not much time t

Re: Securing bind..

2001-12-30 Thread Thomas Seyrat
Jor-el wrote: > > Another possibility is to have the port for outgoing connections be > > something > > other than 53 (54 seems unused) and use iptables or ipchains to block data > > from the outside world coming to port 53. [...] > Of course, in the case of DNS servers, you could be OK, s

Re: Securing bind..

2001-12-30 Thread Thomas Seyrat
Wichert Akkerman wrote: > And the simple answer to that is: > 1. bind is not DFSG-free and not packaged for Debian which makes it >off-topic here. You mean djbdns, of course. > 2. replacing bind is not the same thing as securing it, which was >the question. There is a small presentat

Re: Securing bind..

2001-12-30 Thread Bdale Garbee
[EMAIL PROTECTED] (Wichert Akkerman) writes: > Previously P Prince wrote: > > The easiest and most failsafe way to secure bind is to install djbdns. > > And the simple answer to that is: > 1. bind is not DFSG-free and not packaged for Debian which makes it >off-topic here. s/bind/djb

Re: Securing bind..

2001-12-30 Thread Wichert Akkerman
Previously P Prince wrote: > The easiest and most failsafe way to secure bind is to install djbdns. And the simple answer to that is: 1. bind is not DFSG-free and not packaged for Debian which makes it off-topic here. 2. replacing bind is not the same thing as securing it, which was the ques

Re: Securing bind..

2001-12-30 Thread P Prince
The easiest and most failsafe way to secure bind is to install djbdns. Google is your friend. -Tech On Sun, 30 Dec 2001, Petre Daniel wrote: > Well, i know Karsten's on my back and all, but i have not much time to > learn, and too many things to do at my firm, so i am asking if one of you has > any

Re: Securing bind..

2001-12-30 Thread Thomas Seyrat
Jor-el wrote: > > Another possibility is to have the port for outgoing connections be something > > other than 53 (54 seems unused) and use iptables or ipchains to block data > > from the outside world coming to port 53. [...] > Of course, in the case of DNS servers, you could be OK, since

Re: Securing bind..

2001-12-30 Thread Jor-el
Russell, On Sun, 30 Dec 2001, Russell Coker wrote: > > Also don't allow recursion from outside machines. Why does this help? > > Another possibility is to have the port for outgoing connections be something > other than 53 (54 seems unused) and use iptables or ipchains to block data > from

Re: Securing bind..

2001-12-30 Thread Russell Coker
On Sun, 30 Dec 2001 11:18, Petre Daniel wrote: > Well, i know Karsten's on my back and all, but i have not much time to > learn, and too many things to do at my firm, so i am asking if one of you has > any idea how can bind be protected against that DoS attack and if someone > has some good firewall fo

Securing bind..

2001-12-30 Thread Petre Daniel
Well, i know Karsten's on my back and all, but i have not much time to learn, and too many things to do at my firm, so i am asking if one of you has any idea how can bind be protected against that DoS attack and if someone has some good firewall for a dns server (that resolves names for internal c
