On 2020-10-15 14:38, sth...@nethelp.no wrote:
I would run a firewall even for BIND alone on a box in case the box
gets compromised through BIND. Allowing remote access and DNS, then
dropping everything else as the general firewall policy should be
pretty straightforward. But with the IP on this p
Simply stateless. Something along the lines of this (iptables):
# SSH may be internal only or moved to a different port
iptables -A INPUT -m tcp -p tcp --dport 22 -j ACCEPT
# Enable DNS on both TCP and UDP
iptables -A INPUT -m tcp -p tcp --dport 53 -j ACCEPT
iptables -A INPUT
-m udp -p udp --dport
> I would run a firewall even for BIND alone on a box in case the box
> gets compromised through BIND. Allowing remote access and DNS, then
> dropping everything else as the general firewall policy should be
> pretty straightforward. But with the IP on this particular BIND box
> being public, it's
I would run a firewall even for BIND alone on a box in case the box
gets compromised through BIND. Allowing remote access and DNS, then
dropping everything else as the general firewall policy should be
pretty straightforward. But with the IP on this particular BIND box
being public, it's really lik
On 10/15/2020 2:50 PM, Jason Long via bind-users wrote:
> Yes.
> In the panel of domain name registrar I can enter something like
> "NS1.example.net" and an IP address.
> I want to host the host t DNS server myself.
Oh yes, you will also need a domain name register that let's you
register the nam
On Thu, Oct 15, 2020 at 02:03:52PM -0400,
Kevin A. McGrail wrote
a message of 8 lines which said:
> Firewalls are cheap and the level of effort to run a bastion host are
> significant.
Firewalls are useful when you want to protect unamanaged printers and
Windows boxes (or Web servers with a l
On Thu, Oct 15, 2020 at 11:16:05AM -0700,
Fred Morris wrote
a message of 50 lines which said:
> 2) If you want to run your own DNS nameservers, you will need to buy a
>book, read the (BIND) Administrator's Reference Manual, and/or some
>RFCs
Very bad advice. RFCs are not for the faint
Thanks, but for some security reasons I don't like to host my DNS and Apache
server on one server.
On Thursday, October 15, 2020, 08:53:30 PM GMT+3:30, alcol alcol
wrote:
can't be done a tutorial for your specific case
follow the section for primary DNS and discard secondary secti
My static IP addresses are public.
On Thursday, October 15, 2020, 08:42:42 PM GMT+3:30, Michael De Roover
wrote:
Are these static IP's local or public? If local, you can instruct your
router to port forward to these. If these are public, I guess these
machines make a direct connection
Yes.
In the panel of domain name registrar I can enter something like
"NS1.example.net" and an IP address.
I want to host the host t DNS server myself.
On Thursday, October 15, 2020, 08:36:35 PM GMT+3:30, Stephane Bortzmeyer
wrote:
On Thu, Oct 15, 2020 at 04:36:58PM +,
Jason Long
If this is question has a simple answer, you're confounding it by not
asking a simple, concise question.
On Thu, 15 Oct 2020, Jason Long via bind-users wrote:
[...]
I
need expert advice about it.
If you need expert advice that's accurate and guaranteed to work, hire a
professional. ;-)
I r
On 10/15/2020 1:00 PM, Stephane Bortzmeyer wrote:
> He said that the DNS server has a public IP address so port forwarding
> is probably not necessary.
Firewalls are cheap and the level of effort to run a bastion host are
significant.
I'd recommend port forwarding as a necessary task.
__
On 10/15/2020 12:57 PM, Jason Long via bind-users wrote:
> Yes, I have two static IP addresses. One is for DNS server and one is
> for my website.
> Excuse me, I just have one server for DNS and that tutorial is about
> secondary DNS server too. Can you show me another tutorial with one
> server an
can't be done a tutorial for your specific case
follow the section for primary DNS and discard secondary section
aren't needed two IP one for web and one for DNS , if you want all can be done
with 1 IP
be sure you have 80 443 53tcp 53udp open from internet to your server.
Are these static IP's local or public? If local, you can instruct your
router to port forward to these. If these are public, I guess these
machines make a direct connection to the internet with a public IP on
their interface then? In that case you can omit any port forwarding.
The secondary DNS se
On Thu, Oct 15, 2020 at 04:57:16PM +,
Jason Long via bind-users wrote
a message of 173 lines which said:
> I have two static IP addresses. One is for DNS server and one is for
> my website.
Note that you can put the two servers on the same machine, using the
same IP address, since the two
On Thu, Oct 15, 2020 at 04:36:58PM +,
Jason Long via bind-users wrote
a message of 1594 lines which said:
> in the panel of it, I can enter my DNS server IP addresses.
I assume you refer to the panel of your domain name registrar. If so,
it would be useful to know which is the label near
On Thu, Oct 15, 2020 at 06:45:01PM +0200,
Michael De Roover wrote
a message of 65 lines which said:
> Your router can port forward traffic to port 53/udp to your local IP
> that your DNS server is on.
He said that the DNS server has a public IP address so port forwarding
is probably not neces
Yes, I have two static IP addresses. One is for DNS server and one is for my
website.Excuse me, I just have one server for DNS and that tutorial is about
secondary DNS server too. Can you show me another tutorial with one server and
same goal?The Internet DNS server for my goal is "Authoritative
Assuming that this is running off a home network, yes you could
technically do it. Probably the registrar's name servers will be more
reliable however. I'll also assume that your public IP is static.
Otherwise it may only be suitable for the website, with a Dynamic DNS
service that can regularly up
A DNS server can exist if you follow NIC instractions.
Mainly have you a leased line ever on? primary DNS can't be down or NIC could
down your domain.
Then you have to install and configure it. Better a fedora core , and CHROOT,
DNS is one of the services more targeted to enter inside a system.
On 10/15/2020 12:36 PM, Jason Long via bind-users wrote:
> I have a question about launching a DNS server with CentOS for hosting
> a web server. Excuse me, if my question is so basic and funny. I need
> expert advice about it.
> I registered a domain name for my web site and in the panel of it, I
Hello,I have a question about launching a DNS server with CentOS for hosting a
web server. Excuse me, if my question is so basic and funny. I need expert
advice about it.I registered a domain name for my web site and in the panel of
it, I can enter my DNS server IP addresses. I want to launch a
23 matches
Mail list logo
