SecurityPortal: Ask Buffy - After an Attack; Firewalls and Intrusion Detection; SSL; lpd.Apr 26, 2001, 20:23 (0 Talkback[s])
(Other stories by Buffy Overflow)
Questions this week cover BIND & DNS; After an Attack; Firewalls and Intrusion Detection; SSL; lpd.
"Can I add port numbers to a DNS entry using BIND?"
"Lots is written on what to do to avoid being hacked, what is the recommended procedure after an attempted or successful attack? If you have an IP address, for example, do you try and contact the hacker directly, do you report it to some type of authority, etc?"
"I have a linux machine at home that's connected to both the Internet and my local network. It also has a printer installed, so lpd is running. Obviously I want only the internal network to "see" lpd. I could add a firewall rule to block external access to the printer (and I have), but a firewall is easy to take down by accident, leaving everything listening on the external interface open to attack. All other services I'm running offer the option to bind to only one network interface (the internal one), automatically hiding them from the Internet, even without any firewall rulesets applied."
"How do I make lpd only bind to the internal interface, instead of to all interfaces?"