From: Grant Lowe (GLowe@MedImpact.com)
Date: Thu Jul 25 2002 - 10:59:18 EDT
Hi gurus.
I got about a dozen answers on this. Some suggested we get a DJBdns server
(http://cr.yp.to/djbdns.html). This program runs runs as an unprivileged
user, in a chroot jail. Others added to this that I go to
http://www.boran.com/security/sp/bind_hardening.html and use that as it
provides a step-by-step guide for BIND, with examples, using the chroot
jail. Combined with these two suggestions was to use SSH only to get into
the box, remove all non-essential services, and use TCP wrappers (already
planned on doing that).
Thanks to the following people for their help:
system administration account [sysadmin@astro.su.se]
Lars Hecking [lhecking@nmrc.ie]
Roy Culley [tgdcuro1@gd2.swissptt.ch]
Schmitt, Martin (Dregis STB C) [Martin.Schmitt@Dregis.com]
Solaris List [solaris@ns1.silvex.com]
tflat [tflat@astrocreep.net]
Gert-Jan Hagenaars [gj@hagenaars.com]
Unix4me@aol.com
Christopher L. Barnard [cbar44@tsg.cbot.com]
ahaukin@hushmail.com
Grant
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:24:39 EDT