Installing bind is not very clear for me
sthaug at nethelp.no
sthaug at nethelp.no
Fri Sep 4 19:29:56 UTC 2015
> One Firewall should be enough.
> So, what you consider this firewall should do ?
> In my opinion:
> Block requests coming from a blacklist (Who will generate this list ?)
> Block denial of service requests. It needs to measure the requests rate
> to detects when is under attack.
> Block port scanners on publics ips.
Before you put a firewall in front of a public facing name server,
you might want to consider slide 16 of the following presentation:
https://app.box.com/s/a3oqqlgwe15j8svojvzl
The slide headline is "Stateful firewalls in front of servers
considered harmful!" - and the author has ample arguments for his
point of view.
Steinar Haug, Nethelp consulting, sthaug at nethelp.no
More information about the bind-users
mailing list