Results 1 to 3 of 3

Thread: Named Security

  1. #1

    Named Security

    Is this the correct setup?

    DNS Server 1:
    allow-transfer {; Server2; };
    allow-recursion {; Server2; };
    recursion no;

    DNS Server 2:
    allow-transfer {; Server1; };
    allow-recursion {; Server1; };
    recursion no;

    BOTH hosts file:
    order bind,hosts
    nospoof on
    spoofalert on
    multi on

  2. #2
    Join Date
    Mar 2009
    Chicago, IL
    It's nice that you have recursion disabled, most people never do that. You might also consider changing the version information to reduce remote fingerprinting of your bind version.

    in options,

    version "REFUSED";

    Not a huge deal, just a little something extra.

  3. #3
    Join Date
    May 2009
    Your configuration looks fine for me.. If you are looking for more security, install bind-chroot and run 'named' in a chrooted environment.

    But there is a small correction to the hosts file configuration.

    Newer Linux/Unix versions use /etc/nsswitch.conf file as resolver library and not /etc/host.conf file.

Similar Threads

  1. Vital Security Scan - Free Scans Available To Ensure Your Security
    By Steven.C in forum Systems Management Offers
    Replies: 10
    Last Post: 04-10-2008, 12:28 PM
  2. wireless security cameras or some type of security device.
    By Mike235 in forum Web Hosting Lounge
    Replies: 19
    Last Post: 05-12-2006, 02:15 PM
  3. Security: Linux anit-virus + extra security on top of Bastille
    By Tazzman in forum Hosting Security and Technology
    Replies: 7
    Last Post: 02-01-2003, 03:00 PM
  4. "named -u named" Using too much memory?
    By M0NkEY in forum Hosting Security and Technology
    Replies: 5
    Last Post: 01-23-2003, 05:12 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts