Re: inetd.conf security
From: Toomas Soome (Toomas.Soome_at_microlink.ee)
Date: 10/06/04
- Next message: Steve Pfister: "Need good password auditing utilities"
- Previous message: shoe: "Re: inetd.conf security"
- In reply to: Frank Cusack: "Re: inetd.conf security"
- Next in thread: Frank Cusack: "Re: inetd.conf security"
- Reply: Frank Cusack: "Re: inetd.conf security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 06 Oct 2004 17:16:20 +0300
Frank Cusack wrote:
> Agreed on both points, however nscd introduces its own problems w.r.t.
> host resolution. One no one has yet mentioned is that it doesn't
> honor TTL. This was a "dumb" implementation choice (and dumb of Linux
> to copy) although I understand the value of simple. This is such an
> issue at every place I've ever been that nscd for hostname caching is
> always a no-no. If we need hostnames to be cached we run a local
> caching nameserver.
man nscd.conf:
positive-time-to-live cachename value
negative-time-to-live cachename value
ok, this is not related to DNS TTL, but it's still there, you can set
short ttl for hosts/ipnodes and still rely on your named for dns TTL
handling. reading manual is sometimes useful...
toomas
-- Tomorrow will be cancelled due to lack of interest.
- Next message: Steve Pfister: "Need good password auditing utilities"
- Previous message: shoe: "Re: inetd.conf security"
- In reply to: Frank Cusack: "Re: inetd.conf security"
- Next in thread: Frank Cusack: "Re: inetd.conf security"
- Reply: Frank Cusack: "Re: inetd.conf security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
