Protecting bind from DNS cache poisoning!!!

Matus UHLAR - fantomas uhlar at fantomas.sk
Mon Aug 9 12:44:02 UTC 2010


>>>> Allow bind to use as wide a range of port numbers as possible for UDP
>>>> traffic.
>>
>> On 09.08.10 17:14, Shiva Raman wrote:
>>> Yes this is allowed in the firewall.
>>
>> note that bind also should not have "port" portion in query-source statement.

On 09.08.10 14:08, Wolfgang Solfrank wrote:
> In addition, be careful with the use of NAT on your firewall.  This will
> probably unrandomize the port numbers on your outgoing requests.

This was mentioned in a previous e-mail; I added that BIND should also be
properly configured ;-)

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Warning: I do NOT wish to receive any advertising mail at this address.
If Barbie is so popular, why do you have to buy her friends? 
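
The two points raised in this thread (no pinned port in query-source, and NAT possibly undoing port randomization), as an added example that is not part of the original messages: a Python check that flags query-source statements with a fixed port and tests whether source ports observed outside the firewall still look random. The sample config, the port lists, the function names and the 16-port step threshold are constructed assumptions.

```python
import re

# Constructed sample named.conf fragments (not taken from the thread).
WEAK_CONF = """options {
    // legacy firewall workaround
    query-source address * port 53;
    query-source-v6 address * port *;  # wildcard port stays random
    /* query-source port 5353; */
};"""
FIXED_CONF = """options {
    query-source address *;
};"""
# Constructed source ports of outgoing queries, as captured outside the firewall.
NAT_PORTS = [1024, 1025, 1026, 1027, 1029, 1030]
DIRECT_PORTS = [41022, 5310, 60211, 18877, 33456, 2750]

STMT = re.compile(r"\b(query-source(?:-v6)?)\b([^;]*);")

def strip_comments(conf):
    """Drop /* */, // and # comments (simplified: ignores quoted strings)."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", conf)

def pinned_query_source(conf):
    """Return (statement, port) for every query-source that pins a port."""
    hits = []
    for name, args in STMT.findall(strip_comments(conf)):
        m = re.search(r"\bport\s+(\d+|\*)", args)
        if m and m.group(1) != "*":
            hits.append((name, int(m.group(1))))
    return hits

def looks_unrandomized(ports, max_step=16):
    """True if ports are constant or mostly climb in small steps.

    Heuristic (assumption): a port-rewriting NAT tends to hand out
    fixed or sequential ports; a randomizing resolver does not.
    """
    if len(ports) < 2:
        raise ValueError("need at least two observed ports")
    if len(set(ports)) == 1:
        return True
    steps = [(b - a) % 65536 for a, b in zip(ports, ports[1:])]
    return sum(1 for s in steps if s <= max_step) / len(steps) > 0.8

if __name__ == "__main__":
    print("pinned:", pinned_query_source(WEAK_CONF))
    print("NAT capture unrandomized:", looks_unrandomized(NAT_PORTS))
```

Run the port check on traffic captured on the far side of the firewall, since ports seen on the BIND host itself say nothing about what NAT does to them.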