Re: Task harden.

Michael Stone <mstone@debian.org> wrote:
> On Tue, Apr 03, 2001 at 10:09:16PM +1000, Herbert Xu wrote:
>> What about a multi-homed server?

> One would assume that in most cases the ip's aren't changing. (I.e.,
> they interfaces are configured once, before the bind startup.) If you

What if those interfaces come and go, as in a VPN interface? If you've got
hundreds of those, it's a pain to set up dummy interfaces for each one of
them before starting bind.

> think about it a minute, you'll see why the idea of having a dns server
> serving a dynamic ip address isn't given much consideration.

But I still haven't heard a single argument as to why bind is listening on
individual addresses rather than 0.
