I'm running Woody at home and have installed and configured BIND 9 as a
caching-only nameserver.
Basically, BIND is configured to listen for DNS queries on my localhost
and the local network. I also have BIND configured to use my ISP's
nameservers as forwaders if it does not contain the resolving
information in the cache. Finally, the daemon is also limited to query
source port 53 for easy compliance with Netfilter.
Recently I have been receiving several weird netfilter logs complaining
about denied DNS queries comming in from and going out to unknow hosts.
I beleive that these logs may reflect a script kiddie who is attempting
to break BIND and possibly use my computer for remote DoS attacks or
port scans.
Where could I find any relative information on running BIND in a chroot
jail on Debian? I was running BIND 8 under a user and group named.
However I feel that it might be worth while using a chroot jail to
prevent any possible BIND exploits on my system.
Does anybody have any real-world experience with chroot'ing BIND?
Thanks
Stef
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
