> > One question I have that came out of this discussion is
> why are systems
> > behind routers safer? What kind of security does a
router provide?
>
> A router by itself does not provide any inherent
security. However:
>
> A standard router, such as a cisco 2501, can do port
> blocking, wh
On Thu, Sep 04, 2003 at 11:05:52AM -1000, Marc Adler wrote:
> One question I have that came out of this discussion is why are systems
> behind routers safer?
They aren't. They are just simpler to admin. So if you don't know what
you are doing, or don't have the time to tend to business, they can
> One question I have that came out of this discussion is why are systems
> behind routers safer? What kind of security does a router provide?
A router by itself does not provide any inherent security. However:
A standard router, such as a cisco 2501, can do port blocking, which can add
some sec
One question I have that came out of this discussion is why are systems
behind routers safer? What kind of security does a router provide?
By the way, the first line in /etc/resolv.conf has not been added back
in, and my system is back to normal. Thanks!
--
Marc Adler
--
redhat-list mailing l
> On Wed, 2003-09-03 at 10:26, Benjamin J. Weiss wrote:
> > > However, the local caching nameserver could be an appropriate solution
> > > iff the ISP is continuously negligent of DNS service problems and Marc
> > > invests the time to learn how to properly secure such a service.
> >
> > As a perso
On Wed, 2003-09-03 at 10:26, Benjamin J. Weiss wrote:
> > However, the local caching nameserver could be an appropriate solution
> > iff the ISP is continuously negligent of DNS service problems and Marc
> > invests the time to learn how to properly secure such a service.
>
> As a person who is st
> However, the local caching nameserver could be an appropriate solution
> iff the ISP is continuously negligent of DNS service problems and Marc
> invests the time to learn how to properly secure such a service.
As a person who is standing up a linux DNS (yes, it's necessary), I just
want to doub
Check
/etc/resolv.conf
/etc/nsswitch.conf
Check out that you are not doning nis lookups or something like that.
The problem is related with name resolution.
On Tue, 2 Sep 2003, Marc Adler wrote:
> I switched my mail transfer agent to postfix from sendmail about a month
> ago and it worked just f
On Wed, 2003-09-03 at 00:26, NfoCipher wrote:
> On Tue, 2003-09-02 at 23:11, Jason Dixon wrote:
>
> >
> > Your response speaks for itself. In this age of worms and script
> > kiddies, we can't afford to propogate the notion that the Internet is
> > some big sandbox for everyone to play in. If y
On Tue, 2003-09-02 at 23:11, Jason Dixon wrote:
>
> Your response speaks for itself. In this age of worms and script
> kiddies, we can't afford to propogate the notion that the Internet is
> some big sandbox for everyone to play in. If you're going to provide a
> public service, you need to be
On Wed, 2003-09-03 at 00:03, NfoCipher wrote:
> On Tue, 2003-09-02 at 22:51, Jason Dixon wrote:
> > No, really, it _was_ crappy advice. Do you also instruct others to
> > install their own POP/SMTP/IMAP server when Hotmail goes down?
> >
> Depends on the person, but sure I would. People like to m
On Wed, 2003-09-03 at 00:03, NfoCipher wrote:
> On Tue, 2003-09-02 at 22:51, Jason Dixon wrote:
> > No, really, it _was_ crappy advice. Do you also instruct others to
> > install their own POP/SMTP/IMAP server when Hotmail goes down?
> >
> Depends on the person, but sure I would. People like to m
On Tue, 2003-09-02 at 22:51, Jason Dixon wrote:
> No, really, it _was_ crappy advice. Do you also instruct others to
> install their own POP/SMTP/IMAP server when Hotmail goes down?
>
Depends on the person, but sure I would. People like to make things
work, learn, etc. Most of the people who take
On Tue, 2003-09-02 at 23:44, NfoCipher wrote:
> On Tue, 2003-09-02 at 21:16, Jason Dixon wrote:
> > Ed, you're absolutely right. I apologize for the tone of my previous
> > post. I get all worked up when folks give crappy advice. ;-)
> >
> It wasn't crappy advice, it's just different from your
On Tue, 2003-09-02 at 21:16, Jason Dixon wrote:
> if you want, but it's
> obvious he doesn't have a clue.
Quick to strike aren't ya?
> Ed, you're absolutely right. I apologize for the tone of my previous
> post. I get all worked up when folks give crappy advice. ;-)
>
It wasn't crappy advice,
On Tue, 2003-09-02 at 23:00, Marc Adler wrote:
> Ok, ok. So what should I do?
>
> Remove the offending line from /etc/resolves.conf (the first one, if I
> remember correctly) and the other local nameservers stuff, then:
Yup. Look back to my 2nd reply for further details. I made some
comments a
* Jason Dixon <[EMAIL PROTECTED]> [2003-09-02 16:18]:
> On Tue, 2003-09-02 at 22:08, Ed Wilts wrote:
> > On Tue, Sep 02, 2003 at 09:55:41PM -0400, Jason Dixon wrote:
> > > On Tue, 2003-09-02 at 21:44, NfoCipher wrote:
> > > > On Tue, 2003-09-02 at 20:18, Marc Adler wrote:
> > >
> > > Wrong. DNS us
On Tue, 2003-09-02 at 22:08, Ed Wilts wrote:
> On Tue, Sep 02, 2003 at 09:55:41PM -0400, Jason Dixon wrote:
> > On Tue, 2003-09-02 at 21:44, NfoCipher wrote:
> > > On Tue, 2003-09-02 at 20:18, Marc Adler wrote:
> >
> > Wrong. DNS uses 53/tcp for zone transfers, 53/udp for normal queries.
> > Just
On Tue, Sep 02, 2003 at 09:55:41PM -0400, Jason Dixon wrote:
> On Tue, 2003-09-02 at 21:44, NfoCipher wrote:
> > On Tue, 2003-09-02 at 20:18, Marc Adler wrote:
> >
> > > I will, but I don't understand why running your own name server is bad.
> > It's not bad if you're behind a firewall of some sort
On Tue, 2003-09-02 at 21:44, NfoCipher wrote:
> On Tue, 2003-09-02 at 20:18, Marc Adler wrote:
>
> > I will, but I don't understand why running your own name server is bad.
> > Could you explain that?
> >
> It's not bad if you're behind a firewall of some sort. Mostly a matter
> of opinion. The on
On Tue, Sep 02, 2003 at 08:44:24PM -0500, NfoCipher wrote:
> >
> It's not bad if you're behind a firewall of some sort. Mostly a matter
Or it is configured for local use only:
options {
directory "/var/named";
listen-on { 192.168.10.1; };
[...]
--
Hal Burgiss
--
redhat-list mai
On Tue, 2003-09-02 at 20:18, Marc Adler wrote:
> I will, but I don't understand why running your own name server is bad.
> Could you explain that?
>
It's not bad if you're behind a firewall of some sort. Mostly a matter
of opinion. The only time you need to secure a dns server is if your
port 53
* Jason Dixon <[EMAIL PROTECTED]> [2003-09-02 14:40]:
> On Tue, 2003-09-02 at 19:55, Marc Adler wrote:
> > * Jason Dixon <[EMAIL PROTECTED]> [2003-09-02 13:42]:
> > > On Tue, 2003-09-02 at 19:35, Marc Adler wrote:
> > > > * NfoCipher <[EMAIL PROTECTED]> [2003-09-02 12:59]:
> > > > > On Tue, 2003-09
On Tue, 2003-09-02 at 19:55, Marc Adler wrote:
> * Jason Dixon <[EMAIL PROTECTED]> [2003-09-02 13:42]:
> > On Tue, 2003-09-02 at 19:35, Marc Adler wrote:
> > > * NfoCipher <[EMAIL PROTECTED]> [2003-09-02 12:59]:
> > > > On Tue, 2003-09-02 at 17:42, Marc Adler wrote:
> > > > > I took a look at /etc/
* Jason Dixon <[EMAIL PROTECTED]> [2003-09-02 13:42]:
> On Tue, 2003-09-02 at 19:35, Marc Adler wrote:
> > * NfoCipher <[EMAIL PROTECTED]> [2003-09-02 12:59]:
> > > On Tue, 2003-09-02 at 17:42, Marc Adler wrote:
> > > > I took a look at /etc/resolv.conf and there were a few entries in it,
> > > > b
On Tue, 2003-09-02 at 19:35, Marc Adler wrote:
> * NfoCipher <[EMAIL PROTECTED]> [2003-09-02 12:59]:
> > On Tue, 2003-09-02 at 17:42, Marc Adler wrote:
> > > I took a look at /etc/resolv.conf and there were a few entries in it,
> > > but how do I know if they are valid?
> > >
> > Well, your isp is
On Tue, 2003-09-02 at 18:59, NfoCipher wrote:
> On Tue, 2003-09-02 at 17:42, Marc Adler wrote:
> > I took a look at /etc/resolv.conf and there were a few entries in it,
> > but how do I know if they are valid?
> >
> Well, your isp is sending those to you via dhcp, so you can assume
> they're valid
* NfoCipher <[EMAIL PROTECTED]> [2003-09-02 12:59]:
> On Tue, 2003-09-02 at 17:42, Marc Adler wrote:
> > I took a look at /etc/resolv.conf and there were a few entries in it,
> > but how do I know if they are valid?
> >
> Well, your isp is sending those to you via dhcp, so you can assume
> they're
On Tue, 2003-09-02 at 17:42, Marc Adler wrote:
> I took a look at /etc/resolv.conf and there were a few entries in it,
> but how do I know if they are valid?
>
Well, your isp is sending those to you via dhcp, so you can assume
they're valid but they may not respond very fast - causing a delay.
You
* NfoCipher <[EMAIL PROTECTED]> [2003-09-02 10:53]:
> On Tue, 2003-09-02 at 15:35, Marc Adler wrote:
> > DNS settings? I'm too newbie to figure it out on my
> > own.
> Sounds like your problem. Make sure there are valid entries in
> /etc/resolv.conf and/or make sure your named is running if you
On Tue, 2003-09-02 at 15:35, Marc Adler wrote:
> DNS settings? I'm too newbie to figure it out on my
> own.
Sounds like your problem. Make sure there are valid entries in
/etc/resolv.conf and/or make sure your named is running if you use that.
--
NfoCipher <[EMAIL PROTECTED]>
ChickenWare, LLC
I switched my mail transfer agent to postfix from sendmail about a month
ago and it worked just fine for a while, until I set up an nfs server
and then tried to set up a samba server (that's still underway). Now,
when I start the computer, it stops for around 30 seconds when trying to
start up post
32 matches
Mail list logo