How to secure DNS...
Simon Waters
Simon at wretched.demon.co.uk
Sat Mar 2 11:42:04 UTC 2002
phn at icke-reklam.ipsec.nu wrote:
> If you are unfamiliar with DNS i'll suggest you get a copy of
> "Managing DNS and BIND".
>
> There is a chapter that deals with the issues you ask about,
> and by some strange coincident, that chapter is available
> in Internet !!
>
> See "http://www.oreilly.com/catalog/dns4/chapter/ch11.html"
The rootservers don't talk to anyone, they just answer questions
about where other servers are, so Christopher definitely has
some reading to do.
I'd add the SUN Blueprint JASS and other papers to the reading
pile, these discuss how to harden a Solaris box for such a role,
and also how to build a Jumpstart server to do it for you. They
don't specifically touch on DNS, although I believe one offers
advice on how to configure nscd, beyond just stopping it as many
choose to do.
More information about the bind-users
mailing list