Great Circle Associates Firewalls
(April 1993) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: DNS over TCP
From: avalon @ coombs . anu . edu . au (Darren Reed)
Date: Tue, 20 Apr 93 7:52:15 EST
To: firewalls @ GreatCircle . COM (Firewall Mailing List)
Reply-to: avalon @ coombs . anu . edu . au 
If zone transfers are a problem, why not use the BIND 4.8.3 source and
just hack them out all together ?

Ok, this would take longer than just blocking TCP, but customizing your
environment like this is a good way to increase security.  For example,
a few sys admins I know who passionately keep logs have picked up the
source to in.rshd and hacked that to log stuff properly, in addition to
using TCP wrapper V5 to get usernames via ident where possible.

Darren
Indexed By Date Previous: Re: DNS over TCP
From: safdas @ moose . wan . gs . com (Shabbir J Safdar)
Next: looking for....
From: pmetzger @ lehman . com (Perry E. Metzger)
Indexed By Thread Previous: Re: DNS over TCP
From: chk @ alias . com (C. Harald Koch)
Next: Re: DNS over TCP
From: Alexander Dupuy <dupuy @ hudson . cs . columbia . edu>
Google
 
Search Internet Search www.greatcircle.com