HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (
-   Feature Requests (
-   -   secure bind a bit (

jayd 17th November 2005 14:48

secure bind a bit
in the normal configuration of ispconfig the system is vulnerable for this kind of attack.

I had installed ispconfig on a fresh ubuntu 5.10 Server install. So i can't say if this is Ubuntu or ispconfig vault. But solving is really easy.

So if you modified the named.conf.master (found in /root/ispconfig/isp/conf/) to the following, everthing is fine !

replace with your puplic IP!

acl recurseallow {;; };
options {
        pid-file "/var/run/bind/run/";
        directory "{BINDDIR}";
        auth-nxdomain no;
        allow-recursion { recurseallow; };
        * If there is a firewall between you and nameservers you want
        * to talk to, you might need to uncomment the query-source
        * directive below.  Previous versions of BIND always asked
        * questions using port 53, but BIND 8.1 uses an unprivileged
        * port by default.
        // query-source address * port 53;

Maybe it has to be placed here cause i don't take a look if ispconfig will get entrys from named.conf ...

All times are GMT +2. The time now is 21:49.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.