Complete.Org: Mailing Lists: Archives: linux-help: October 2000:
[linux-help] Re: Firewalls and bind 		Home

[linux-help] Re: Firewalls and bind

[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: linux-help@xxxxxxxxx
Subject: [linux-help] Re: Firewalls and bind
From: Steven Saner <ssaner@xxxxxxxxxxxxxxx>
Date: Tue, 17 Oct 2000 18:05:47 -0500
Reply-to: linux-help@xxxxxxxxx 
This isn't quite as easy as it sounds. DNS queries generally use port
53 but there are some differneces between bind 4 and bind 8 in this
regard. The DNS and Bind book from O'Reilly has a section in the back
under Miscellaneous about putting bind behind a firewall.

The thing is that you can't block all access from the outside world to
port 53. If you do so, it can't work as a caching server. You have to
be able to send queries to other name servers and get responses back.


On Tue, Oct 17, 2000 at 05:49:09PM -0500, james l wrote:
> I would like to set up bind, as a caching only nameserver. However, as bind
> is typically a weak spot in security, I would like to firewall off the port
> except for a few computers. I already have the bind setup (and it has
> worked). It is on a 2.2 kernel.
> 
> What I would like to know is either:
> 
> 1. What the commands are to do this (I am lazy)
> 2. What port named (bind) runs on. I haven't been able to find what it is. 
> (but likely you are too)
> 
> James L.
> 
> 
> -- This is the linux-help@xxxxxxxxx list.  To unsubscribe,
> visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi

-- This is the linux-help@xxxxxxxxx list.  To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
[Prev in Thread] Current Thread [Next in Thread]