Great Circle Associates Firewalls
(October 1997) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: DNS on the Firewall - security problem
From: Bernd Eckenfels <lists @ lina . inka . de>
Date: Sun, 19 Oct 1997 18:21:42 +0200
To: Darren Reed <avalon @ coombs . anu . edu . au>
Cc: Adam Shostack <adam @ homeport . org>, ahuger @ silence . secnet . com, firewall-wizards @ nfr . com, firewalls @ GreatCircle . COM
In-reply-to: <199710120733 . AAA27846 @ honor . greatcircle . com>; from Darren Reed on Sun, Oct 12, 1997 at 05:29:56PM +1000
References: <199710120541 . BAA29582 @ homeport . org> <199710120733 . AAA27846 @ honor . greatcircle . com> 
Hello,

On Oct 12, Darren Reed wrote
> You might want to have a look around for implementations already available
> which do this.  I'm pretty sure this has been done by a few people already,
> once for Linux and one for FreeBSD.

There is a POSIX.6/1e Project which has already produced a workinmg
boot-floppy which has priveleges to split up super-user rights.

Another options is to use "ipfwadm -i acc -P udp -Dx.x.x.x 53 -r 5353"
toredirect port 53 to a higher one.

Greetings
Bernd
-- 
  (OO)      -- Bernd_Eckenfels @
 Wittumstrasse13 .
 76646Bruchsal .
 de --
 ( .. )  ecki @
 {inka .
 de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes @
 irc  +4972573817  BE5-RIPE
(O____O)       If privacy is outlawed only Outlaws have privacy
References:
Indexed By Date Previous: Re: DNS on the Firewall - security problem
From: Bernd Eckenfels <lists @ lina . inka . de>
Next: Re[2]: Stealing data via Internet Explorer 4
From: Martin Sauer <ms @ skp . de>
Indexed By Thread Previous: Windows NT domain through Gauntlet firewall
From: Colin Linahan <cfl @ parkville . molsci . csiro . au>
Next: Re: DNS on the Firewall - security problem
From: Gaddy Gumbao <succesor @ mnl . sequel . net>
Google
 
Search Internet Search www.greatcircle.com