OSEC

Subject: Re: Cracked by the Brazilians
From: karthik krishnamurthy (karthik_krish76YAHOO.COM)
Date: Sat Apr 01 2000 - 05:18:07 CST


Hi,
  I don't think your named is listening only on your
private interface. I have made the changes which
should make it secure (to the best of my opinion). As
you are running a caching only nameserver the
listen-on directive is all you need.

physics 2% more /etc/named.conf

acl "valhall" {
        { 192.168.3.1/32; };
        { 192.168.3.0/24; };
        };

options {
        directory "/var/named";
        listen-on {valhall; };
};

--- Seth Milder <mrsethPHYSICS.GMU.EDU> wrote:
> Ralf Spenneberg wrote:
> >
> > Hi!
> >
> > Are you sure that your bind is just listening to the private ethernet card?
>
> I think so. My conf file is below
>
> Thanks,
>
> Seth
>
>
> physics 2% more /etc/named.conf
>
> acl "valhall" {
> { 192.168.3.1/32; };
> { 192.168.3.0/24; };
> };
>
> options {
> directory "/var/named";
> };
> zone "." {
> type hint;
> file "named.ca";
> };
> zone "physics.bogus"{
> type master;
> file "valhall";
> allow-query {valhall;};
> notify no;
> };
> zone "0.0.127.IN-ADDR.ARPA"{
> type master;
> file "named.local";
> };
> zone "3.168.192.IN-ADDR.ARPA"{
> type master;
> file "arp.valhall";
> allow-query {valhall;};
> notify no;
> };
>

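A way to check what each version of the config in this thread would bind, as an added example that is not part of the original post: it reads the `acl` and `listen-on` statements and reports which of a host's addresses named would listen on. The interface list (including 203.0.113.10) and all function names are constructed for illustration; with no `listen-on`, BIND listens on every interface.

```python
import ipaddress
import re

# Constructed host addresses: loopback, the private NIC, a made-up public NIC.
IFACES = ["127.0.0.1", "192.168.3.1", "203.0.113.10"]
BEFORE = 'options { directory "/var/named"; };'  # quoted config: no listen-on
AFTER = '''acl "valhall" { { 192.168.3.1/32; }; { 192.168.3.0/24; }; };
options { directory "/var/named"; listen-on {valhall; }; };'''

TOKEN = re.compile(r'"[^"]*"|[{};]|[^\s{};"]+')

def tokenize(conf):
    conf = re.sub(r"/\*.*?\*/|(//|#)[^\n]*", "", conf, flags=re.S)  # drop comments
    return [t.strip('"') for t in TOKEN.findall(conf)]

def brace_block(toks, i):
    """Flatten the (possibly nested) brace block opening at toks[i]."""
    depth, items = 0, []
    while i < len(toks):
        tok, i = toks[i], i + 1
        depth += (tok == "{") - (tok == "}")
        if depth == 0:
            break
        if tok not in ("{", "}", ";"):
            items.append(tok)
    return items, i

def listen_networks(conf):
    """Networks named binds on port 53, or None if listen-on is absent."""
    toks, acls, listen, i = tokenize(conf), {}, None, 0
    while i < len(toks):
        if toks[i] == "acl":
            name = toks[i + 1]
            acls[name], i = brace_block(toks, i + 2)
        elif toks[i] == "listen-on":
            listen, i = brace_block(toks, toks.index("{", i))
        else:
            i += 1
    if listen is None:
        return None
    # ACL names expand one level; "!" negation and "none" are not handled here.
    return [ipaddress.ip_network("0.0.0.0/0" if n == "any" else n, strict=False)
            for item in listen for n in acls.get(item, [item])]

def bound_addresses(conf, ifaces=IFACES):
    nets = listen_networks(conf)
    if nets is None:  # BIND default: every interface
        return list(ifaces)
    return [a for a in ifaces if any(ipaddress.ip_address(a) in n for n in nets)]
```

With the posted ACL, 127.0.0.1 is not matched either, so a resolver on the host itself has to query 192.168.3.1.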