Security issue in BIND servers
Bind Users
bind at time.net.my
Wed Aug 22 11:26:32 UTC 2001
Hi all
Currently, I run BIND ver 9.1.3 for my both dns servers.
Sometimes we need to do a zone transfer for remote site, either
as a Master or Slave server. Therefore, TCP Port 53 was opened up.
I'm concerned about the security although it was behind firewall as
TCP port was quite fragile for attacking & hacking activities.
1) May be I could do some harderning. Any recommendation? How?
2) Is there any facility that BIND 9.1.3 could offered?
3) How about the "Chroot" environment; copying BIND to "jail" or TSIG?
Is there any issues that might occured if one of these items is
implemented? Who has the experienced?
4) What about Split DNS architecture, is it relates to this matter?
Thanz a lot in advance.
More information about the bind-users
mailing list