Advanced DNS Options

[wildgoosed]

Hey, Absolutly a great project.

Here are a few ideas, not sure if they have been discussed or not but oh well :/ A few other ideas as well

I think an option for enabling/disabling DNS recursion would be an excellent idea as some people don't mind/have to provide recursion while others are just using their dns servers to be authoritive for some domains they have purchased.

SSH chroot jail/FTP chroot jail would add additional security.

Bind9 in a chroot by default. Not sure if this is happening already.

Thanks so much!

[till]

Quote:

I think an option for enabling/disabling DNS recursion would be an excellent idea as some people don't mind/have to provide recursion while others are just using their dns servers to be authoritive for some domains they have purchased.

This can be easily enabled in the bind config file.

http://www.howtoforge.com/forums/sho...ight=recursion

But having an option in the interface for this is a good idea.

Quote:

SSH chroot jail/FTP chroot jail would add additional security.

SSH Chroting is already implemented. You just have to make sure that your SSH daemon supports chrooting and then enable it in /home/admispconfig/ispconfig/lib/config.inc.php

FTP chrooting has just to be anabled in proftpd.conf or vsftpd.conf, if you followed one of the prtfrct detup howtos, then it is enabled.

Quote:

Bind9 in a chroot by default. Not sure if this is happening already.

This is supported tooa dn if you followed one of the perfect setup howtos, chrooting is already enabled.

[wildgoosed]

Thanks for the replies till

What I was getting at was It would be nice to admin these options on the ispconfig web admin site.