[2302] in linux-security and linux-alert archive
[linux-security] Re: Security problems in bind -- persisting?
daemon@ATHENA.MIT.EDU (Rik van Riel)
Fri Jan 14 11:05:41 2000
Date: Fri, 14 Jan 2000 14:52:21 +0100 (CET)
From: Rik van Riel <riel@nl.linux.org>
To: Antonomasia <ant@notatla.demon.co.uk>
cc: linux-security@redhat.com
In-Reply-To: <200001140219.CAA10532@notatla.demon.co.uk>
Message-ID: <Pine.LNX.4.10.10001141449360.13454-100000@mirkwood.dummy.home>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Resent-From: linux-security@redhat.com
On Fri, 14 Jan 2000, Antonomasia wrote:
> Does anyone know adverse effects (beside added net traffic) of
> simply not running bind ?
Bind will have to run _somewhere_ so a safe installation of it
is needed anyway (prepackaged in RPM, if possible).
If you're using it for caching only, you can put something like
this in /etc/named.conf:
options {
listen-on 127.0.0.1;
}
This will make sure that only the machine itself can use bind,
so remote attacks become impossible.
See http://www.isc.org/ for the full documentation on bind.
regards,
Rik
--
The Internet is not a network of computers. It is a network
of people. That is its real strength.
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null
