server security

[Quadri, Jay]

Do the following:
1. Before installing you DNS server, make your Box in to a Bastion Host,
i.e. harden your box by stripping all that you don't need such as rpc,
mailserver, change all world writable files to read or 0 etc, 
http://www.enteract.com/~lspitz/armoring.html  will show you how to secure a
Solaris box.   
2. implement slit DNS.
3. finally, put a firewall in place
4. Install the latest bind
5. Make use of the ACL's within BIND.
6. you might want to Install StoneBeat DNS Cluster or similar for full
availability, but personally, I have always thought this an overkill.


-----Original Message-----
From: yoko at ishizuki.com [mailto:yoko at ishizuki.com]
Sent: Wednesday, October 11, 2000 9:56 AM
To: comp-protocols-dns-bind at moderators.isc.org
Subject: server security


Hi.  I would like to know what to care for my DNS server security.
Could anyone give me any pointers for my reference?
Thank you.


Sent via Deja.com http://www.deja.com/
Before you buy.