[BlueOnyx:04467] Re: (no subject)
webmaster
webmaster at oldcabin.net
Wed May 12 16:06:42 -05 2010
At 03:45 PM 5/12/2010, you wrote:
>----- Original Message -----
>From: "webmaster" <webmaster at oldcabin.net>
>To: "BlueOnyx General Mailing List" <blueonyx at blueonyx.it>
>Sent: Wednesday, May 12, 2010 12:46 PM
>Subject: [BlueOnyx:04461] (no subject)
>
>
> >
> > Running BX everything is up to date using yum (I thknk)
> >
> > Webmin tells me that my version of bind is BIND version 9.3.6. Correct?
> >
> > Anyway. I am dealing with PCI compliance issues for a client and my
> > server guy says that I have BIND version 9.3.6 DNS cache poisioning
> >
> > This true?
> >
> >
> >
>
>Set it to not allow recursion from IPs outside your network.
Recursion allowed appears to be commented out in /etc/named.conf (550)
options {
directory "/etc/named";
// spoof version for a little more security via obscurity
version "100.100.100";
// no forwarders defined
allow-transfer { none; };
// recursion allowed
};
AND
Recursion allowed appears to be "off" in /etc/named.conf (BX)
options {
directory "/var/named";
// spoof version for a little more security via obscurity
version "100.100.100";
// no forwarders defined
// zone transfer access denied
allow-transfer { none; };
// recursion access denied
recursion no;
};
>----
>Ken M
>Precision Web Hosting, Inc.
>http://www.precisionweb.net
>
>
>
>_______________________________________________
>Blueonyx mailing list
>Blueonyx at blueonyx.it
>http://www.blueonyx.it/mailman/listinfo/blueonyx
More information about the Blueonyx
mailing list