HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Bind 4.9 security concern
Operating System - HP-UX
1825720
Members
3137
Online
109686
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-06-2002 05:29 AM
09-06-2002 05:29 AM
Bind 4.9 security concern
Yes, still 4.9 (see my other post for upgrade issue), and I would like to know if there is anyway to restrict access to our testing subnet only, so no outsider can use this dns server?
4 REPLIES 4
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-06-2002 05:34 AM
09-06-2002 05:34 AM
Re: Bind 4.9 security concern
Bind 8.9+ does support ACL's restricting who can get DNS information from the server, including standard lookups.
OLD bind does not do this.
sendmail.org has lots of documentation on using ACL's with DNS, as well as for fee installation support. You should also get "DNS and BIND" by O'Reilly and Associates. SHows you how to use the ACL features, and many other features of bind 8.9+.
Regards,
Shannon
OLD bind does not do this.
sendmail.org has lots of documentation on using ACL's with DNS, as well as for fee installation support. You should also get "DNS and BIND" by O'Reilly and Associates. SHows you how to use the ACL features, and many other features of bind 8.9+.
Regards,
Shannon
Microsoft. When do you want a virus today?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-06-2002 05:56 AM
09-06-2002 05:56 AM
Re: Bind 4.9 security concern
I know, but my problem is I cannot upgrade my 4.9 to 8.9+ (see my other posting). We are running 8.9+ on Solaris box. But I need some virtual host testing on this HPUX box (don't want to touch the productional dns) thus run into this problem. Thus, I will need information on 4.9.
Thanks anyway.
Thanks anyway.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-06-2002 06:08 AM
09-06-2002 06:08 AM
Re: Bind 4.9 security concern
Maybe I was not clear enough in my answer.
There is no possible way to ACL lookups in 4.9. This feature was not made available until version 8.8(I think), and 8.8 was quicky discarded due to security concerns and migrated to 8.9.
If you want not to allow external lookups, an alternate test method would be to setup a dummy DNS zone or two on an internal server to test. Perhaps setup an internal box which will forward to the real server, and have a dummy zone as well for testing.
But again, with 4.9 your stuck with open lookups!
Regards,
Shannon
There is no possible way to ACL lookups in 4.9. This feature was not made available until version 8.8(I think), and 8.8 was quicky discarded due to security concerns and migrated to 8.9.
If you want not to allow external lookups, an alternate test method would be to setup a dummy DNS zone or two on an internal server to test. Perhaps setup an internal box which will forward to the real server, and have a dummy zone as well for testing.
But again, with 4.9 your stuck with open lookups!
Regards,
Shannon
Microsoft. When do you want a virus today?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-06-2002 07:08 AM
09-06-2002 07:08 AM
Re: Bind 4.9 security concern
Use ipfilter
see
http://software.hp.com
or, since you're on a subnet, put a DNS ACL on the router for that subnet.
see
http://software.hp.com
or, since you're on a subnet, put a DNS ACL on the router for that subnet.
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Support
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP