Re: MAC-based ssh

To: Hans van Leeuwen <email@hanz.nl>
Cc: debian-security@lists.debian.org
Subject: Re: MAC-based ssh
From: Espen Wiborg <espenhw+debian-security@empolis.no>
Date: Fri, 02 May 2003 13:27:13 +0200
Message-id: <m3of2l4mi6.fsf@montgomery.empolis.no>
In-reply-to: <3EB247BC.6080600@hanz.nl> (Hans van Leeuwen's message of "Fri, 02 May 2003 12:26:04 +0200")
References: <3EB247BC.6080600@hanz.nl>

Hans van Leeuwen <email@hanz.nl> writes:
> My company has created an application that allows remote users to
> edit their DNS-records. This app needs to restart bind on the remote
> nameservers.

I think this is the wrong solution.  A better idea is a cron job on
the nameserver periodically reloading the zone files (which are what
you're editing, right?).  Another solution, requiring more work, is to
use secure dynamic updates (as detailed by RFC 3007).

-- 
Espen Wiborg <espenhw+debian-security@empolis.no>
Do not meddle in the affairs of gurus,
for they can make your life miserable by doing nothing.

Reply to:

References:
- MAC-based ssh
  - From: Hans van Leeuwen <email@hanz.nl>

Prev by Date: Re: MAC-based ssh
Next by Date: Re: MAC-based ssh
Previous by thread: Re: MAC-based ssh
Next by thread: Re: MAC-based ssh
Index(es):
- Date
- Thread