Search found 2 matches
- 08 Feb 2016, 15:49
- Forum: General Discussion (csf)
- Topic: Strategy For Bind9
- Replies: 2
- Views: 4397
Re: Strategy For Bind9
On our servers, we also filter outbound traffic so the "random (high) source ports" are blocked. We only allow specific (minimal) outbound traffic to limit what a compromised server can do. I also found this comment in csf.conf, which sounds somewhat pertinent: # If you allow incoming DNS ...
- 04 Feb 2016, 18:01
- Forum: General Discussion (csf)
- Topic: Strategy For Bind9
- Replies: 2
- Views: 4397
Strategy For Bind9
Hi, I recently put up a new DNS server using 'bind9' and installed CSF. I prefer to filter outgoing traffic, as much as possible, as well as incoming. In the past, I allowed port 53 TCP and UDP in both incoming and outgoing directions with TCP_IN, TCP_OUT, UDP_IN and UDP_OUT. However, apparently, by...