Posts Tagged ‘Security’

Prevent non-root users from logging in

Friday, August 25th, 2006

Imagine that for some reason (e.g. maintenance tasks) you want to prevent non-root users from logging into the system. The following tip is a very simple way to achieve this goal.

If a file called /etc/nologin exists, login will refuse to start a session on this system for any user other than root; the file only needs to exist, its contents are optional. If you put some text into the file, users will be shown this text and their login attempts will be refused. Remember to delete the file when the maintenance is over, or nobody but root will be able to log in.

vi /etc/nologin

Server under maintenance. No access allowed at this moment.
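The two steps above (create the file with a message, delete it afterwards) as a small maintenance-mode script. This is an added example, not code from the original post; the NOLOGIN_FILE override is my own assumption so the functions can be tried on a temporary file without root, while login itself only ever looks at /etc/nologin. The login_allowed function only models the decision login makes (root exempt, everyone else refused while the file exists); it is not a replacement for it.

```shell
#!/bin/sh
# Added example, not part of the original post: a maintenance-mode toggle
# built on /etc/nologin. NOLOGIN_FILE is a hypothetical override (assumption)
# so the script can be exercised on a temp file without root; login(1)
# itself only honours /etc/nologin.
NOLOGIN_FILE="${NOLOGIN_FILE:-/etc/nologin}"

# Create the lockout file. Its mere existence blocks non-root logins;
# the text inside is shown to the refused user.
enable_maintenance() {
    msg="${1:-Server under maintenance. No access allowed at this moment.}"
    printf '%s\n' "$msg" > "$NOLOGIN_FILE"
    chmod 644 "$NOLOGIN_FILE"   # world-readable so login can display it
}

# Remove the lockout file; normal logins resume immediately.
disable_maintenance() {
    rm -f "$NOLOGIN_FILE"
}

# Model the decision login(1) makes for a user name:
# exit status 0 = session may start, 1 = refused.
login_allowed() {
    user="$1"
    if [ "$user" = "root" ]; then
        return 0                       # root is always exempt
    fi
    if [ -e "$NOLOGIN_FILE" ]; then
        cat "$NOLOGIN_FILE" >&2        # what the refused user would see
        return 1
    fi
    return 0
}

# Command-line use: nologin.sh enable [message] | disable | check USER
case "${1:-}" in
    enable)  enable_maintenance "$2" ;;
    disable) disable_maintenance ;;
    check)   if login_allowed "$2"; then echo "login allowed for $2"; fi ;;
esac
```

Run it as root with `enable` before the maintenance window and `disable` after; `check alice` shows what a user would experience in between.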

DNS recursion and DDoS

Wednesday, March 22nd, 2006

According to security news, sysadmins are becoming more and more concerned about poorly configured DNS servers, especially now that recent reports show an increase in distributed denial of service attacks that abuse open recursive DNS servers. Next I’ll show you some very basic tips to protect your machines against this kind of attack.

As you probably know, a recursive DNS server (a caching DNS) answers clients’ queries for any DNS record. Queries it cannot resolve directly (non-local records) are forwarded to servers that can resolve them. Once it gets the answers, they are stored in its cache for future use (note that this data is not cached forever; each record expires after its TTL).

On the other hand, an authoritative DNS server only shows the world the records of the specific domains it is responsible for, and is known to be authoritative for those domains.

Nowadays everybody with some security skills seems to agree on the importance of separating DNS caches from authoritative DNS servers. Even BIND (the most widely used DNS implementation) follows this recommendation.

The easiest way to limit recursion in BIND 9 is to put something like this in your config file (named.conf):

options {
    allow-query { any; };                              // anyone may query the zones we serve
    allow-recursion { 192.168.1.0/24; localhost; };    // only these may use us as a resolver
};

This will allow recursion only from your internal net and from localhost; clients from anywhere else still get answers for the zones the server is authoritative for, but their recursive queries are not served. A better solution… SWITCH TO DJBDNS!!
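To make the difference visible, here is the open-resolver configuration beside the restricted one. This is an added illustration, not configuration from the original post: the two options blocks are two alternative named.conf files, not one file; the network ranges are the ones from the post, the acl name trusted is my own choice, and recursion, allow-query-cache and acl are standard BIND 9 statements. On BIND 9 releases older than 9.4 allow-recursion defaults to any, which is exactly the open-resolver case.

```conf
// Weak (open resolver): every client on the Internet may use this server
// as a recursive resolver, which is what makes it usable for
// reflection and amplification traffic in a DDoS.
options {
    recursion yes;
    allow-query { any; };
    // no allow-recursion: on old BIND 9 releases this means "any"
};

// Restricted: only the internal net and localhost may recurse or read the
// cache; everyone else still gets answers for the authoritative zones.
acl "trusted" { 192.168.1.0/24; localhost; };

options {
    recursion yes;
    allow-query { any; };            // authoritative zones stay public
    allow-recursion { trusted; };    // recursion only for trusted clients
    allow-query-cache { trusted; };  // cached answers only for trusted clients
};
```

Run named-checkconf after editing to catch syntax errors (such as a missing closing brace) before reloading the server.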

And now some interesting links: