Home page logo
/

educause logo Educause Security Discussion mailing list archives

DNS servers - IP Filter
From: "Cheek, Leigh" <lcheek () UTK EDU>
Date: Mon, 10 Nov 2008 10:03:43 -0500

I am reviewing DNS servers with Solaris 10 and BIND 9.5.1b2. Solaris was
hardened to the Center for Internet Security Benchmark. I am looking for
best practices for configuring the IP Filter/IP Table.  

Our security team recommends configuring to IP Filter as follows: 
        Allow access to public services like DNS (53/udp, 53/tcp, and a
few others) and HTTP/HTTPS from anywhere.
        Allow access to other services (RPC, NFS, SSH, etc.) only from
those systems, which require access to them.
        Deny all others.
        If there are questions, do a traffic capture on those systems to
see what is actually being used and how would be a good start.


Do you have any thoughts or experiences on configuring IP Filter on DNS
servers? 


Thanks,
Leigh

  By Date           By Thread  

Current thread:
  • DNS servers - IP Filter Cheek, Leigh (Nov 10)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]