[LinuxUsers] DNS SERVER CORRECTION
Jeff Lasman
jplists at nobaloney.net
Sat Aug 2 06:36:21 UTC 2008
On Thursday 31 July 2008 05:25 pm, Paul Saenz wrote:
> Bind is vulnerable to the DNS cache poisoning vulnerability.
> I would go to the website doxpara.com to see if the vulnerability
> exists on the dns I use. But that's just me. I'm just learning this
> stuff.
You don't fall victim to the cache poisoning vulnerability if you don't
use recursive (caching) DNS. On Red Hat and CentOS it's easy; we just
don't install the caching-nameserver RPM.
> You, on the other hand, have probably already done what you need to
> do to take care of any vulnerabilities.
Above said, we install vulnerability updates immediately. Currently
we're relying on others for our recursive DNS, but we're looking into
running our own.
Jeff
--
Jeff Lasman, Nobaloney Internet Services
P.O. Box 52200, Riverside, CA 92517
Our jplists address used on lists is for list email only
voice: +1 951 643-5345, or see:
"http://www.nobaloney.net/contactus.html"
More information about the LinuxUsers
mailing list