aboutsummaryrefslogtreecommitdiffstats
path: root/main/perl-compress-raw-bzip2
diff options
context:
space:
mode:
authorHugo Landau <hlandau@devever.net>2014-10-16 16:52:17 +0100
committerNatanael Copa <ncopa@alpinelinux.org>2014-10-16 19:05:10 +0000
commit10f550c471adec9b04d66ceb81eddf88f95c7598 (patch)
tree80cdcda501f3aff43b71636773af7c54775d86a4 /main/perl-compress-raw-bzip2
parentcddbf13cfdf463498f1619cb11a6e665650b3563 (diff)
downloadaports-10f550c471adec9b04d66ceb81eddf88f95c7598.tar.bz2
aports-10f550c471adec9b04d66ceb81eddf88f95c7598.tar.xz
bind: Modify default config to be more secure
By default BIND will happily serve as both an authoritative nameserver and recursive resolver, but this is no longer a recommended or desirable configuration. The previous default configuration did not draw attention to this fact and the issues involved. Users are now made to rename one of two sample configuration files, named.conf.authoritative or named.conf.recursive. Comments inside either file advise DNS administrators of the most prevalent security issues. This ensures that users setting up an authoritative nameserver do not unwittingly also operate a resolver. In the previous default configuration, BIND would happily perform recursive resolution for localhost, which means that the local machine may receive non-authoritative data from what is supposed to be an authoritative nameserver. Both default configurations disable zone transfers by default, as BIND defaults to enabling them for any host (!).
Diffstat (limited to 'main/perl-compress-raw-bzip2')
0 files changed, 0 insertions, 0 deletions