Linux-Bulgaria.ORG

навигация

начало

пощенски списък

архив на групата

По Дата

Re: [lug-bg: FW: CERT Advisory CA-2000-20]

Subject: Re: [lug-bg: FW: CERT Advisory CA-2000-20]
From: zimage@xxxxxxxxx (Theodor Milkov)
Date: Fri, 17 Nov 2000 14:11:37 +0200



On Fri, Nov 17, 2000 at 10:18:19AM +0200, sheib@xxxxxxx wrote:
> >Boyan Krosnov <bkrosnov@xxxxxxxxx> wrote:
> >malko twyrde kysno ama wse pak moje oshte da ne ste chuli...
> >
> >towa e golqm problem i ako ste administrator na name server wzemete merki.
> >
> >--
> >Boyan Krosnov (http://www.nat.bg/~bkrosnov)
> >Network Administrator
> >Lirex BG Ltd.
>  
>  
> Bravo na Boyan <bkrosnov at lirex dot com>
> che chete bugtraq, pohvalno.
> Verno, che e kysno - predi sedmica izleze adviseory-to.
> No ne e "golqm problem", tyi kato *samo* zasegnati sa
> nameserverite koito praviat zone transfer, t.e trafika koito stava
> v LAN-a ili WAN, primerno.Tozi zone-transfer moje da byde ogranichen
> ili napylno sprian ot named.conf chrez acl lists.Taka che ne vijdam
> miasto za panika i paranoia.

Kakto se okazva obache, 3/4 ot clientite mi polzvat file koito si e v
distributsiata na bind, koito izglejda taka:

options {
        directory "/var/named";
};

zone "." {
        type hint;
        file "root.cache";
};

zone "localhost" {
        type master;
        file "pri/localhost";
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "pri/127.0.0";
};

zone "rc.vix.com" {
        type stub;
        file "stub/rc.vix.com";
        masters { 204.152.187.21; };
zone "186.152.204.in-addr.arpa" {
        type stub;
        file "stub/204.152.186";
        masters { 204.152.187.21; };
};

zone "187.152.204.in-addr.arpa" {
        type stub;
        file "stub/204.152.187";
        masters { 204.152.187.21; };
};

Kato samo sa promenili imenata na zonite. T.e. okolo 1/4 samo se biaha setili da si slojat:

        query-source address * port 53;
        allow-transfer
        {
                193.bbb.ccc.ddd ;
        }

I to samo zashtoto pri predishnata shumotevica okolo NPTR bug-a, biah gi
reviziral... Taka che si e problem.


-- 
        =- --rw------- =--=--=--=--=--=--=--=--=--=--=--=--=--=
          Theodor Milkov           Administrator IP Networks
          Davidov Electric Ltd.    Phone: +359 (2) 730158
          PGP: http://www.zimage.delbg.com/zimage.asc
        =--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=


<HR>
<UL>
<LI>application/pgp-signature \\\\\\\\\ \\\\: stored
</UL>

==================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
Otpiswaneto RABOTI !!! : Majordomo@xxxxxxxxxxxxxxxxxx UNSUBSCRIBE LUG-BG
http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora

Относно:
- Re: [lug-bg: FW: CERT Advisory CA-2000-20]
  - Изпратено от: sheib@xxxxxxx (sheib@xxxxxxx)

Предишно по дата: RE: [lug-bg: FW: CERT Advisory CA-2000-20]
Следващо по дата: Re: lug-bg: Mrtg
Предишно по тема: Re: [lug-bg: FW: CERT Advisory CA-2000-20]
Следващо по тема: RE: [lug-bg: FW: CERT Advisory CA-2000-20]
Индекс:
- По дата
- По тема

наши приятели

линукс за българи
http://linux-bg.org

FSA-BG
http://fsa-bg.org

OpenFest
http://openfest.org

FreeBSD BG
http://bg-freebsd.org

KDE-BG
http://kde.fsa-bg.org/

Gnome-BG
http://gnome.cult.bg/

проект OpenFMI
http://openfmi.net

NetField Forum
http://netField.ludost.net/forum/

Linux-Bulgaria.ORG