[CentOS] BIND Problem or Update SSL ?

Always Learning centos at g7.u22.net
Sat Feb 19 00:01:39 UTC 2011


On Fri, 2011-02-18 at 18:32 -0500, Lamar Owen wrote:

> On Friday, February 18, 2011 04:15:28 pm Always Learning wrote:
> > Don't understand what you mean by 'within our /19'. 

> I think I do; he's an ISP, and apparently someone inside his address block
> ... has hacked in some way the zone file(s) or the cache for his
> nameserver so that his customers, who would ordinarily use his DNS
> server as their recursive resolver, now see www.yahoo.com (among who
> knows what others) as pointing to a different address ....

Thank you for explaining that Larry had his DNS servers hacked or poisoned.


> .... to prevent such things I would recommend to Larry that he use the
> great iptables tools that CentOS provides ...
> ... to restrict the addresses that can actually ssh into his server,
> and only allow port 53 UDP and TCP traffic into and out of his DNS
> servers to his customers. 

Agreed. IPtables is a very useful tool to block unauthorised accesses in
and (heaven forbid) out of one's servers. Every server is screwed down
to the barest minimum, and every port that can be changed from its
default is. No servers share the same non-standard port numbers. SSH
access is limited to 3 static IP addresses. Aggressive blocking with
IPtables can prevent a lot of time-wasting aggro.

I also ban some Chinese blocks and even more Taiwan blocks from port 80
to reduce web hacking and lots of Taiwanese blocks from port 25.

-- 

With best regards,

Paul.
England,
EU.
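The two measures recommended in the quoted reply (SSH reachable only from a few static addresses, and port 53 UDP/TCP admitted only from the ISP's own customer prefix) can be expressed as a small iptables rule set. The script below is an added illustration, not something posted in the thread and not anyone's production firewall; the management addresses and the customer prefix are documentation-range placeholders that stand in for the poster's real static IPs and /19. It prints the rules rather than applying them, so they can be read first and applied with `sh script.sh apply` once checked.

```shell
#!/bin/sh
# Added example (not from the CentOS list thread): a minimal host firewall
# for a recursive resolver, following the advice quoted above. Addresses
# are placeholders (assumption: replace with the real static IPs and the
# ISP's customer prefix before use).

# Placeholder admin addresses allowed to ssh in (assumption)
SSH_ADMIN_IPS="192.0.2.10 192.0.2.11 198.51.100.5"
# Placeholder customer prefix allowed to query the resolver (assumption)
CUSTOMER_NET="203.0.113.0/24"

# Emit the iptables commands, one per line. Output is plain text so it can
# be reviewed or diffed before being fed to a shell.
build_rules() {
    # Default-deny inbound and forwarded traffic; outbound stays open because
    # a recursive resolver must reach upstream authoritative servers itself.
    echo "iptables -P INPUT DROP"
    echo "iptables -P FORWARD DROP"
    echo "iptables -P OUTPUT ACCEPT"
    # Loopback and replies to connections the server itself opened
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # SSH only from the listed static addresses
    for ip in $SSH_ADMIN_IPS; do
        echo "iptables -A INPUT -p tcp -s $ip --dport 22 -j ACCEPT"
    done
    # DNS queries (UDP and TCP 53) only from the customer prefix, so outside
    # hosts cannot use the box as an open resolver or probe its cache
    echo "iptables -A INPUT -p udp -s $CUSTOMER_NET --dport 53 -j ACCEPT"
    echo "iptables -A INPUT -p tcp -s $CUSTOMER_NET --dport 53 -j ACCEPT"
    # Rate-limited log of everything else so port probes show up in syslog
    echo "iptables -A INPUT -m limit --limit 5/min -j LOG --log-prefix 'fw-drop: '"
}

# Print by default; apply only when explicitly asked to.
if [ "$1" = "apply" ]; then
    build_rules | sh
else
    build_rules
fi
```

Two points worth keeping in mind when adapting this: the `ESTABLISHED,RELATED` rule is what lets answers from upstream nameservers back in, since the resolver's outbound queries leave from ephemeral ports and would otherwise be dropped by the default INPUT policy; and iptables only limits who can talk to the resolver, so it complements rather than replaces BIND's own `allow-recursion` restriction to the customer prefix.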