Displaying 4 results from an estimated 4 matches for "basici".
Did you mean:
basic
2017 Apr 12
3
bind vs. bind-chroot
Hi,
On my public servers, I usually run BIND for DNS. I see CentOS offers a
preconfigured (sort of) bind-chroot package. I wonder what's the
effective benefit of this vs. a "normal" BIND setup without chroot. On
my Slackware servers, I have a rather Keep-It-Simple approach to all
things security, e. g. run no unneed services, open only needed ports
etc. but I don't run the extra
2017 Apr 12
0
bind vs. bind-chroot
...xtra mile (and haven't been bitten so far).
>
> Any suggestions? (No flamefest please.)
bind went through a rocky stage where there were a LOT of security holes
in it. by running it in a chroot, you limit its ability to be used as a
hacking point of entry. recent versions of bind (basicially, 9 and
newer) are much more secure, so this is less of a concern.
--
john r pierce, recycling bits in santa cruz
1998 Jul 15
0
Re: RedHat 5.X Security Book
...wat you are using the book for..I myself have been
trying for a long time to find a document that describes basic RedHat and
Linux security, what to look for, inherent dangers etc etc.
So I was overjoyed when I found this book. No, I am not depending on it as
a sole source of information, but the basicis that it covers simply do not
get repeatadly posted to the lists you mentioned, at least not that I have
seen. I think it is a wonderful intro into system security, but it should
be made clear that it is not intended as a "fix-all".
Just my two cents.
-- Jason Welman
-----Original Mes...
2017 Apr 13
4
bind vs. bind-chroot
...n so far).
>>
>> Any suggestions? (No flamefest please.)
>
>
> bind went through a rocky stage where there were a LOT of security
> holes in it. by running it in a chroot, you limit its ability to be
> used as a hacking point of entry. recent versions of bind
> (basicially, 9 and newer) are much more secure, so this is less of a
> concern.
>
>
But make sure to have SELinux enabled if you do not run it chrooted.
I have mine running that way.