[114654] in North American Network Operators' Group
RE: ISP best practices
daemon@ATHENA.MIT.EDU (Bradley Freeman)
Thu May 21 09:50:19 2009
From: "Bradley Freeman" <bradley.freeman@csirt.ja.net>
To: "'Philip Lavine'" <source_route@yahoo.com>,
<nanog@nanog.org>
In-Reply-To: <408493.6724.qm@web30807.mail.mud.yahoo.com>
Date: Thu, 21 May 2009 14:48:51 +0100
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
In regards to DNS there is a great secure BIND template here
http://www.cymru.com/Documents/secure-bind-template.html which will help
stop your server from being an unneeded open resolver, or sending out root
hints which are used all the time to amplify DDOS attacks often without you
realising.
Bradley
-----Original Message-----
From: Philip Lavine [mailto:source_route@yahoo.com]
Sent: 21 May 2009 14:39
To: nanog@nanog.org
Subject: ISP best practices
To all,
I am sure this has been asked 10 to the 1 millionth power times, however may
be the rules have changed. I am looking to set up a really small ISP with a
few /24's. I want to host DNS as well. Is there any whitepapers/howtos/best
practices on setting up multihomed BGP and DNS with BIND so I don't blow up
the Internet.
Thx
Philip
