#1  
Old 17th November 2005, 13:48
jayd jayd is offline
Junior Member
 
Join Date: Nov 2005
Posts: 4
Thanks: 0
Thanked 1 Time in 1 Post
 
Exclamation secure bind a bit

in the normal configuration of ispconfig the system is vulnerable for this http://www.cert.org/incident_notes/IN-2000-04.html kind of attack.

I had installed ispconfig on a fresh ubuntu 5.10 Server install. So i can't say if this is Ubuntu or ispconfig vault. But solving is really easy.

So if you modified the named.conf.master (found in /root/ispconfig/isp/conf/) to the following, everthing is fine !

replace xxx.xxx.xxx.xxx with your puplic IP!
Code:
acl recurseallow { xxx.xxx.xxx.xxx; 127.0.0.1; };
options {
        pid-file "/var/run/bind/run/named.pid";
        directory "{BINDDIR}";
        auth-nxdomain no;
        allow-recursion { recurseallow; };
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};


Maybe it has to be placed here
http://www.howtoforge.com/perfect_setup_ubuntu_5.10_p3 cause i don't take a look if ispconfig will get entrys from named.conf ...
Reply With Quote
The Following User Says Thank You to jayd For This Useful Post:
marton_erno (12th January 2008)
Sponsored Links
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Bind not working radioguy Installation/Configuration 12 24th April 2006 16:53
DNS stuff (bind cfg and theory) Ovidiu Server Operation 28 6th March 2006 07:57
ISPconfig without Bind heyp Installation/Configuration 2 1st October 2005 09:49
Bind stops and cannot be restarted after a slave domain is added jason Installation/Configuration 20 19th August 2005 08:16
Secure and Private Browsing with Squid bernd HOWTO-Related Questions 1 24th May 2005 02:31


All times are GMT +2. The time now is 12:18.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.