[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] DNS best practices

Subject: [ale] DNS best practices
From: jdr at xcorps.net (Jonathan Rickman)
Date: Sat Dec 18 22:12:47 2004
In-reply-to: <[email protected]>

> You can also use tiny DNS if security is imperative. TinyDNS 
> is super easy to setup, and contains the essentials required 
> to run DNS. There is a $500 reward to exploit it, and no one 
> has claimed the cash yet.

I second that motion, with enthusiasm. I also recommend running a true
split-split DNS. One on the inside for convenience (any product) and one
outside (tiny). The two should not talk to each other, and the outside
system should not handle recursive queries or allow zone transfers. If you
have a secondary external server off-site, update it manually unless you
have more than 100 hosts. 

--
Jonathan

References:
- [ale] DNS best practices
  - From: mattyml at bellsouth.net (mattyml at bellsouth.net)

Prev by Date: [ale] OT BS DSL/DNS
Next by Date: [ale] Hacked to spam??
Previous by thread: [ale] DNS best practices
Next by thread: [ale] Panel, Xlaod, Gnue, KDE
Index(es):
- Date
- Thread