[BlueOnyx:04470] Re: (no subject)
Ken - Precision Web Hosting, Inc
kenlists at precisionweb.net
Wed May 12 16:42:43 -05 2010
----- Original Message -----
From: "Jeff Folk" <jefffolk at mac.com>
To: "BlueOnyx General Mailing List" <blueonyx at blueonyx.it>
Sent: Wednesday, May 12, 2010 2:01 PM
Subject: [BlueOnyx:04466] Re: (no subject)
> On May 12, 2010, at 3:45 PM, Ken - Precision Web Hosting, Inc wrote:
>
>>> Anyway. I am dealing with PCI compliance issues for a client and my
>>> server guy says that I have BIND version 9.3.6 DNS cache poisioning
>>>
>>> This true?
>>>
>>>
>>>
>>
>> Set it to not allow recursion from IPs outside your network.
>
> That isn't sufficient to pass PCI compliance for credit cards, but
> surely, you better have best practice security methods in place as well.
>
> Jeff
> _______________________________________________
If it's patched then it is not vulnerable; so it's not a question of
security, just a question of passing the scan.
Also, if they can't use your dns for recursion, then I don't think they
could poison it.
----
Ken M
Precision Web Hosting, Inc.
http://www.precisionweb.net
More information about the Blueonyx
mailing list