[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Task harden.

Michael Stone <mstone@debian.org> wrote:
> On Tue, Apr 03, 2001 at 10:09:16PM +1000, Herbert Xu wrote:
>> What about a multi-homed server?

> One would assume that in most cases the ip's aren't changing. (I.e.,
> they interfaces are configured once, before the bind startup.) If you

What if those interfaces come and go, as in a VPN interface? If you've got
hundreds of those, it's a pain to set up dummy interfaces for each one of
them before starting bind.

> think about it a minute, you'll see why the idea of having a dns server
> serving a dynamic ip address isn't given much consideration.

But I still haven't heard a single argument as to why bind is listening on
individual addresses rather than 0.
Debian GNU/Linux 2.2 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Reply to: