DNS security patch
Hi, running NW65SP7. I see since Aug 8th (TID#5032400) the security patch for the popular DNS issues has now been posted. What I'm wondering about is it necessary to post this to your server if your DNS is only used for internal queries? That is the DNS cannot be queried from outside the firewall? If not needed when an internal DNS only, then I won't bother installing and risking my environment, since there's no other fix mentioned in the release. Cheers James Jjb, > That is the DNS cannot be queried from outside the > firewall? Do you trust t...

How secure is secure?
Thanks to this group and all the high tech individuals who frequent it I have learned how to protect my PC from the inside out. But what about security risks to my info 'before' it gets to my computer? Like my mail box on the server. Could someone hack into that and thumb through my mail? If so, how would I ever know? (The short story) We have a rogue employee at my work who one day decided to run the web site, she got in tight with the ISP, got tools to set and delete passwords on a protected directory on the server. Who knows if she has telnet access to other things, li...

when is secure, secure?
Lo everyone, I wrote a custom authentication handler for PureFTPD, using a combination of authentication methods, for about 4 different types of users. So far, from testing it, it does look to work properly, and does it's job pretty well (and fast). I use #!/usr/bin/perl -W as well as use Strict, and use warnings, and the code returns no errors or warnings when run. I am right to presume that this basically only really tells me the my syntax and structure of the application is right? What's a good way to see whether it is actually SECURE... There is a couple of lines of...

security too secure
Name: joe Product: Firefox Summary: security too secure Comments: The security thing won't let me in this sight no matter how I accept, confirm, get certificate, etc. https://www.vtext.com/customer_site/jsp/messaging_lo.jsp Browser Details: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.4; en-GB; rv:1.9.1b4) Gecko/20090423 Firefox/3.5b4 From URL: http://hendrix.mozilla.org/ Note to readers: Hendrix gives no expectation of a response to this feedback but if you wish to provide one you must BCC (not CC) the sender for them to see it. ...

DNS question for security (DMZ, Private and ISP DNS _
My customer DNS (two WIN 2000 AD) in the private will forward request to IIS 5 DNS in the DMZ. When registering the domain of the customer, would you use the ISP DNS for the customer'domain 2 DNS? Or you would use the DMZ'DNS Server in the DMZ and the ISP DNS for the secondary ??? I'm concerned about security.... JF Unless your customer has an arrangement for the ISP to host their public DNS, then it will do no good to have the ISP's DNS servers listed in the domain registry. Security wise, it would be better to have 2 dedicated DNS servers operating in s...

Secure DNS?
I just read an article about secure dns, being called DNSSEC. (www.dnssec.net) Does Novell's DNS server support this new feature? Thanks, Cheryl Cheryl Fischer Network / Email Administrator Horizon Bank Cheryl, It appears that in the past few days you have not received a response to your posting. That concerns us, and has triggered this automated reply. Has your problem been resolved? If not, you might try one of the following options: - Do a search of our knowledgebase at http://support.novell.com/search/kb_index.jsp - Check all of the other support tools a...

DNS UP
Hi We are running 2 BM (3.8) Proxies and until today they have been operating reasonably well. Today we have started getting a lot of 504 errors on workstations using either both servers, looking at the proxy DNS page (on both servers) the DNS links are continually going up and down (like our internet) We have 3 DNS servers entered 2 external and 1 internal. I have tested from outside the BM Servers $and know the 2 external DNS servers are working fine (also no one else who use our provider have an issue). The internal DNS also seems fime. We have not made any changes to th...

DNS SECURITY ALGORITHM NUMBERS DNS KEY and SIG RRs
DNS SECURITY ALGORITHM NUMBERS DNS KEY and SIG RRs [RFC2535] use an 8-bit number used to identify the security algorithm being used: Number DescriptionReference --------- ------------------------------ --------- 0 Reserved 1 RSA/MD5 [RFC2537,RFC1321] deprecated, see 5 2 Diffie-Hellman [RFC2539] 3 DSA/SHA1 [RFC2536,DSA,SHA-1] 4 Reserved for Elliptic Curve Crypto 5 RSA/SHA-1 [RFC3110] 6 - 251 Reserved by the IANA 252 ...

Securing DNS.
Can anyone tell me what's the best way to lock down DNS so that it doesn't send out root hints ? Just moved our DNS and now it's responding to such queries. Is this something I can do with a query filter ?! Thanks. -- neiljt1 ------------------------------------------------------------------------ neiljt1, It appears that in the past few days you have not received a response to your posting. That concerns us, and has triggered this automated reply. Has your problem been resolved? If not, you might try one of the following options: - Visit http...

DNS? What DNS?
This has never happened before and in light light of this morning's news about the DDOS I was wondering if it is just my machine or if something else is going on. Background: A firewall on one of my machines blocked IE from getting to the net. I wanted to trace where it was planning to go to (207.188.24.150)to figure out if this was just XP again or something else. I tried Neo Trace and PC Helps "Net Tracer" but neither can track it. All I get is "undetermined" or "timed out" Robin In article <3DB714A2.7050902@twcny.rr.com>, omeru...

Security and DNS
--____FIVYRACBLJROFPKWMWQS____ Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Hi all: We're running DNS on Netware 6.5 SP2 as a clustered resource. It is = working very well (thanks for asking!) We have been running through our year end security self audit and I have = been tweaking our DNS setup up.=20 What I have done is this: Each client on LAN: gets 2 DNS entries. One local DNS server and one at a = remote office (both Netware). Offices are interconnected by private lines = so this process is all behind the firewall. Each...

Comodo Secure DNS
http://www.comodo.com/secure-dns/ Looks interesting? Perhaps it could be added to DNS Benchmark? DNS Nameserver Spoofability Test passes with flying colors.. Comodo Secure DNS is a domain name resolution service that resolves your DNS requests through our worldwide network of redundant DNS servers. This can provide a much faster and more reliable Internet browsing experience than using the DNS servers provided by your ISP and does not require any hardware or software installation. Comodo Secure DNS gives you a safer, smarter and faster Internet because it's: More R...

Securing DNS queries
Is there a setting to secure the DNS so that it only resolves for a list of specific clients by subnets? > Is there a setting to secure the DNS so that it only resolves for a list > of specific clients by subnets? > > Should have mentioned that this is 5.1 In article <7FjXa.101$Fa2.18@prv-forum2.provo.novell.com>, wrote: > Is there a setting to secure the DNS so that it only resolves for a list > of specific clients by subnets? > No, you would have to use a firewall to control the DNS traffic that gets to the DNS server. ...

How secure is AuthenticationTypes.Secure?
I understand that AuthenticationTypes.Secure requests secure authentication using Kerberos or NTLM (??). However, here is a scenario I am trying to understand. Let us say that I am having a regular ASP.NET site - with SSL certificates not installed on the web server. The login sends the request out to an AD server which also does not have certificates installed. However, I have set Secure flag to AuthenticationTypes.Secure. When the username and password data gets transmitted between the application and the LDAP server, how secure are the password and username info? In other words is this in...