bind8.2 security issues
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Mon Jul 1 12:55:34 UTC 2002
Steve Foster <fosters at uk.psi.com> wrote:
> At 11:29 01/07/02 GMT, phn at icke-reklam.ipsec.nu wrote:
>>Not entirely,
>>
>>any packet that will cause an application ( and syslog is an application) to
>>ask DNS for an answer is risky.
>>
>>To reduce that , make shure /etc/resolv.conf points to a bind-9 in all
> your systems
>>exposed to Internet.
> Hi, thanks for this, so the best option in the short-term is to upgrade all
> our resolvers to use bind9 , i assume that i can use bind9.2.1 for this, as
> this is the latest on the isc website.
9.2.1 is the recommended one yes.
I found a solaris-8/sparc package from steve at smc.vnet.net , i have a copy
on ftp://ftp.manet.nu/pub/bind/bind-9.2.1-sol8-sparc-local.gz ( yes
you _should_ build your own, but to get running asap installing a package
could be ok)
> Steve
> Steve Foster
> Senior Systems Administrator
> PSINet Europe
> Work: +44 (1223) 577322
> Mobile: +44 (7720) 425911
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list