Hello, I'm using dns package from Sun with Solaris 11 in a zone. With this, I'm confident to get the security updates in due time. Sun used to say "we are the dot in the .com" If you need more détails, you can write me. Br Vincent Envoyé de mon mobile Le 4 août 2013 à 14:15, Imtiaz Ahmad <ceo@teds.pk> a écrit :
Hi,
The best topology is DNS behind load balancers, doing all requirements of securing through VIP (virtual IP), let me know scenarios you are using, that is, public with DSL users, Wi-Fi, mobile or 3-g to give you more precise tips. Don't forget to enable monitoring of DNS machines with NAGIOS or cacti.
Best regards
On Sunday, August 4, 2013, Michael Hock wrote:
Hi there,
I need to set up a DNS server which is accessible from the whole internet. I have not chosen a DNS software yet, so maybe we could discuss about some, e.g. bind, dnsmasq, ...
My biggest concerns are dns amplification attacks, I don't want my server to be part of this. Is it already possible to protect DNS servers from spoofing attacks? Maybe just by rate-limiting the requests, without breaking legit requests?
Best regards, Michael
-- IMTIAZ AHMED T.E.D.S. (Private) Limited. 273-B, St.55, F-11/4, Islamabad-44000. T: +92 512 211 700 , M: +92 334 516 76 09 E: ceo@teds.pk