* Jason Dixon <[EMAIL PROTECTED]> [2003-09-02 16:18]:
> On Tue, 2003-09-02 at 22:08, Ed Wilts wrote:
> > On Tue, Sep 02, 2003 at 09:55:41PM -0400, Jason Dixon wrote:
> > > On Tue, 2003-09-02 at 21:44, NfoCipher wrote:
> > > > On Tue, 2003-09-02 at 20:18, Marc Adler wrote:
> > >
> > > Wrong. DNS uses 53/tcp for zone transfers, 53/udp for normal queries.
> > > Just because you filter against TCP doesn't mean a future remote exploit
> > > against the resolution libraries couldn't endanger your box.
> >
> > This is true for every service. If you don't need it, turn it off.
> > I vote with Jason on this one, although he could have said it a bit more
> > diplomatically :-).
>
> Ed, you're absolutely right. I apologize for the tone of my previous
> post. I get all worked up when folks give crappy advice. ;-)

Ok, ok. So what should I do? Remove the offending line from
/etc/resolves.conf (the first one, if I remember correctly) and the
other local nameservers stuff, then:

    chkconfig named off
    service named stop

Right?

Also, the discussion of why a local domain name service is bad was way
above my head, which I guess is why you (<=plural) think I shouldn't be
using it.

-- 
Marc Adler