On Wed, Feb 28, 2001 at 01:51:08PM +0000, Simon Bowden wrote:
> However, I think this is because somewhere in teh process of getting in,
> they broke my local named (i wasnt working in the morning) - that or
> somewhere upstream someone hurt DNS - I was getting a lot of "Lame server
> errors".
funny you should say that, my named was also dead yesterday
when I got home from work. I checked over everything, all
the logs, any binarys changed etc etc and couldn't find
anything else at all suspicious. I was however accidentally
running named on all interfaces so I changed it to just
lo and eth0. I was also running portmap but stopped it and
everything still seems to work so I guess I don't need it.
And I installed all the relevent security updates from the
debian security site.
I also tried to apply some "tight" ipchains rules but that
seemed to stuff up pretty much everything so it's back out
again for now until I work it out properly.
If I have tcp wrappers controlling everything listening on
all ports (except ssh, apache and postfix), it should be
reasonably secure without ipchains firewalling right?
Dave.
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
