Hi gurus. I got about a dozen answers on this. Some suggested we get a DJBdns server (http://cr.yp.to/djbdns.html). This program runs runs as an unprivileged user, in a chroot jail. Others added to this that I go to http://www.boran.com/security/sp/bind_hardening.html and use that as it provides a step-by-step guide for BIND, with examples, using the chroot jail. Combined with these two suggestions was to use SSH only to get into the box, remove all non-essential services, and use TCP wrappers (already planned on doing that). Thanks to the following people for their help: system administration account [sysadmin@astro.su.se] Lars Hecking [lhecking@nmrc.ie] Roy Culley [tgdcuro1@gd2.swissptt.ch] Schmitt, Martin (Dregis STB C) [Martin.Schmitt@Dregis.com] Solaris List [solaris@ns1.silvex.com] tflat [tflat@astrocreep.net] Gert-Jan Hagenaars [gj@hagenaars.com] Unix4me@aol.com Christopher L. Barnard [cbar44@tsg.cbot.com] ahaukin@hushmail.com Grant _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Thu Jul 25 11:02:05 2002
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:50 EST