Educause Security Discussion
mailing list archives
DNS servers - IP Filter
From: "Cheek, Leigh" <lcheek () UTK EDU>
Date: Mon, 10 Nov 2008 10:03:43 -0500
I am reviewing DNS servers with Solaris 10 and BIND 9.5.1b2. Solaris was
hardened to the Center for Internet Security Benchmark. I am looking for
best practices for configuring the IP Filter/IP Table.
Our security team recommends configuring to IP Filter as follows:
Allow access to public services like DNS (53/udp, 53/tcp, and a
few others) and HTTP/HTTPS from anywhere.
Allow access to other services (RPC, NFS, SSH, etc.) only from
those systems, which require access to them.
Deny all others.
If there are questions, do a traffic capture on those systems to
see what is actually being used and how would be a good start.
Do you have any thoughts or experiences on configuring IP Filter on DNS
- DNS servers - IP Filter Cheek, Leigh (Nov 10)