bind8, libpcap, tcpdump

Steve Wolfe nw at codon.com
Tue Nov 19 13:35:56 PST 2002


> It's worth noting that to anyone who follows the principle of least
> privlege to the letter when designing subsystems,

 (snip)

> ...at the top of the named.conf, add an ACL (access control list) like:

(snip)

> ...and in the options section of the named.conf, we add:

(snip)

> At the top of our named.conf, we'd be adding a new ACL like this...

(snip)

> ...we'd be using an ACL to globally disable zone transfers, and then
> we'd have a zone entry that looked a bit like this...

    Geez.  Imagine a car dealer telling you "No, it won't blow up on you,
as long as you take these five basic steps to customize the engine...."

steve

-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-security' in the subject header of the message



More information about the lfs-security mailing list