[2574] in Release_7.7_team
Re: Meeting tomorrow, 1pm
daemon@ATHENA.MIT.EDU (Aaron M. Ucko)
Mon Feb 5 01:29:40 2001
To: John Hawkinson <jhawk@MIT.EDU>
Cc: Jonathon Weiss <jweiss@MIT.EDU>, release-team@MIT.EDU
From: amu@MIT.EDU (Aaron M. Ucko)
Date: 05 Feb 2001 01:29:28 -0500
In-Reply-To: <Release_7.7_team:2573@unknown-discuss-server>
Message-Id: <87wvb5wsl3.fsf@mit.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
<jhawk@MIT.EDU> (John Hawkinson) writes:
> One other con against turning off remote querying is that it's
> sometimes useful to query a machine remotely to look at it's DNS cache
> while a user is reporting a problem.
I suppose you could keep that capability while interfering with
attackers by taking advantage of the fact that dig and bind both
support alternate ports, as long as you're telling bind where to
listen anyway.
--
Aaron M. Ucko, KB1CJC <amu@mit.edu> (finger amu@monk.mit.edu)
