Tips for building a root server?
brad.knowles at skynet.be
Sat Oct 6 17:15:53 UTC 2001
At 9:48 AM -0600 10/5/01, Mike wrote:
> It's not about abuse, it's about specific web sites offering a technology
> that is an extreme security risk for my company. We feel that it is time to
> start allowing only certain sites, and not allowing any other sites.
IMO, you're much better off doing this at the firewall/proxy than
anything else. There are plenty of proxy cache servers that will do
filtering, based on a list you give them. Doing so allows you to
avoid a lot of the inherent danger in setting up your own internal
roots, especially if you are doing so for the wrong reasons.
> Okay, so I will build a proxy server, but which one should I use, Squid?
> Can I use it to allow only certain domains to pass through to users, e.g.
> allow cnn.com ?? I want to be able to build a list of domains that can be
> accessed, and not worry about any other domains.
There are versions of squid that should do exactly this.
Brad Knowles, <brad.knowles at skynet.be>
More information about the bind-users