Re: Securing bind..

Russell Coker wrote: > DNS cache machine sents out requests from source port 54 (not obscure - every > administrator of every DNS server on the net can easily discover this). > Recursive requests go to port 53 (getting a DNS client to even talk to > another port is difficult or impossible depend

Re: Securing bind..

On Mon, 31 Dec 2001 05:31, Jor-el wrote: > > DNS cache machine sents out requests from source port 54 (not obscure - > > every administrator of every DNS server on the net can easily discover > > this). > > Not sure I follow what you are saying here. Are you saying that it > is pretty easy f

Re: Securing bind..

On Mon, 31 Dec 2001 01:20, jernej horvat wrote: > On Sunday 30 December 2001 22:58, Russell Coker wrote: > > 2.4.x kernels support the --bind option to mount which avoids the syslogd > > yep. linux v2.4.x and bind v9.x are easier to set up. debian has almost > out-of-the box chroot solution. Are

Re: Securing bind..

On Mon, 31 Dec 2001 06:52, P Prince wrote: > > there are two major problems with all of bernstein's software. the > > first is that it requires you to throw away your existing > > configuration...no big deal for a caching only name-server or if you > > only have one or two domains to serve. a se

naver-mailer

Every time I post here I get a response that looks like a bounce in a strange language from naver-mailer. Here's the headers: Return-Path: <[EMAIL PROTECTED]> Received: by ivanova.coker.com.au (Postfix) id 5C27EFB51; Tue, ?1 Jan 2002 00:29:13 +1100 (EST) Delivered-To: [EMAIL PROTECTED]

Re: naver-mailer

On Mon, 31 Dec 2001 15:28, Russell Coker wrote: > Every time I post here I get a response that looks like a bounce in a > strange language from naver-mailer. Here's the headers: > > > Here's my solution to the naver-mailer problem: > ipchains -A input -j DENY -s 211.218.150.15 They are persistan

Re: Securing bind..

* Craig Sanders ([EMAIL PROTECTED]) spake thusly: ... > > unfortunately, bernstein's software is severely limited by his views. > > he's a fairly good programmerbut a lousy systems administrator, with > no concept of how real world sysadmins use tools or how they automate > them. Did he fin

A Happy New Year From Romania to all of you!

Petre L. Daniel,System Administrator Canad Systems Pitesti Romania, http://www.cyber.ro, email:[EMAIL PROTECTED] Tel:+4048220044, +4048206200 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Apache cgi-bin for users

Greetings and Happy New Year! I am trying to enable cgi-bin on user directories. I found the following lines on the apache.org site, put them in, but they didn't work: Options ExecCGI SetHandler cgi-script Any other suggestions as to how to setup cgi-bin directories for user acc

Re: Securing bind..

On Mon, Dec 31, 2001 at 04:15:18AM +0100, jernej horvat wrote: > On Monday 31 December 2001 03:34, Michael D. Schleif wrote: > > > > > Because of that policy there are no precompiled packages of djbdns, because: > > "You may distribute a precompiled packa

Re: Securing bind..

On Tue, Jan 01, 2002 at 01:18:43PM +1100, Donovan Baarda wrote: > An interesting thing about djb is he does have knack for identifying > real problems with existing defacto standard software and re-inventing > it. he also reinvents things that don't have any significant problems, sometimes just b

Best way to duplicate HDs

Hi all, What do you think would be the best way to duplicate a HD to another (similar sized) HD? I'm thinking that a live RAID solution isn't the best option, as (for example) if crackers got in and fiddled with the system, all the HDs would end up having the same fiddled files. If the HD is du

Re: Securing bind..

Russell Coker wrote: > DNS cache machine sents out requests from source port 54 (not obscure - every > administrator of every DNS server on the net can easily discover this). > Recursive requests go to port 53 (getting a DNS client to even talk to > another port is difficult or impossible dependi

Re: Securing bind..

On Mon, 31 Dec 2001 05:31, Jor-el wrote: > > DNS cache machine sents out requests from source port 54 (not obscure - > > every administrator of every DNS server on the net can easily discover > > this). > > Not sure I follow what you are saying here. Are you saying that it > is pretty easy fo

Re: Securing bind..

On Mon, 31 Dec 2001 01:20, jernej horvat wrote: > On Sunday 30 December 2001 22:58, Russell Coker wrote: > > 2.4.x kernels support the --bind option to mount which avoids the syslogd > > yep. linux v2.4.x and bind v9.x are easier to set up. debian has almost > out-of-the box chroot solution. Are t

Re: Securing bind..

On Mon, 31 Dec 2001 06:52, P Prince wrote: > > there are two major problems with all of bernstein's software. the > > first is that it requires you to throw away your existing > > configuration...no big deal for a caching only name-server or if you > > only have one or two domains to serve. a sev

naver-mailer

Every time I post here I get a response that looks like a bounce in a strange language from naver-mailer. Here's the headers: Return-Path: <[EMAIL PROTECTED]> Received: by ivanova.coker.com.au (Postfix) id 5C27EFB51; Tue, ?1 Jan 2002 00:29:13 +1100 (EST) Delivered-To: [EMAIL PROTECTED] R

Re: naver-mailer

On Mon, 31 Dec 2001 15:28, Russell Coker wrote: > Every time I post here I get a response that looks like a bounce in a > strange language from naver-mailer. Here's the headers: > > > Here's my solution to the naver-mailer problem: > ipchains -A input -j DENY -s 211.218.150.15 They are persistant

Re: Securing bind..

* Craig Sanders ([EMAIL PROTECTED]) spake thusly: ... > > unfortunately, bernstein's software is severely limited by his views. > > he's a fairly good programmerbut a lousy systems administrator, with > no concept of how real world sysadmins use tools or how they automate > them. Did he fina

A Happy New Year From Romania to all of you!

Petre L. Daniel,System Administrator Canad Systems Pitesti Romania, http://www.cyber.ro, email:[EMAIL PROTECTED] Tel:+4048220044, +4048206200

Apache cgi-bin for users

Greetings and Happy New Year! I am trying to enable cgi-bin on user directories. I found the following lines on the apache.org site, put them in, but they didn't work: Options ExecCGI SetHandler cgi-script Any other suggestions as to how to setup cgi-bin directories for user acco

Re: Securing bind..

On Mon, Dec 31, 2001 at 04:15:18AM +0100, jernej horvat wrote: > On Monday 31 December 2001 03:34, Michael D. Schleif wrote: > > > > > Because of that policy there are no precompiled packages of djbdns, because: > > "You may distribute a precompiled packag

Re: Securing bind..

On Tue, Jan 01, 2002 at 01:18:43PM +1100, Donovan Baarda wrote: > An interesting thing about djb is he does have knack for identifying > real problems with existing defacto standard software and re-inventing > it. he also reinvents things that don't have any significant problems, sometimes just be