diff options
| author | crocomo <crocomo@btree.de> | 2014-03-04 07:28:58 +0100 |
|---|---|---|
| committer | crocomo <crocomo@btree.de> | 2014-03-04 07:28:58 +0100 |
| commit | 65a6c18d04094037d7efcd2c9fc6a26d5fe7e7f6 (patch) | |
| tree | 3aa77d2867d5e9f7f16bc039805f4457b163fcde /config/bind/bind.xml | |
| parent | f4d2b1698d54f886b3fbbd0750b1b1fa74c1aef6 (diff) | |
| download | pfsense-packages-65a6c18d04094037d7efcd2c9fc6a26d5fe7e7f6.tar.gz pfsense-packages-65a6c18d04094037d7efcd2c9fc6a26d5fe7e7f6.tar.bz2 pfsense-packages-65a6c18d04094037d7efcd2c9fc6a26d5fe7e7f6.zip | |
Enable built-in ACLs; Fix version.bind; Fix typos
* Enable use of the built-in ACLs as per [1]. Especially 'localhost' and
'localnets' come in handy on large firewall installations.
* Fix version.bind so that the server does not process queries at all as
per [1], which is more secure.
* Typo with listenon: Any -> any (more or less an esthetic fix)
* Two minor indentation errors
[1] http://ftp.isc.org/isc/bind9/cur/9.9/doc/arm/Bv9ARM.ch06.html
Diffstat (limited to 'config/bind/bind.xml')
| -rw-r--r-- | config/bind/bind.xml | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/config/bind/bind.xml b/config/bind/bind.xml index 76fdf523..2f16b966 100644 --- a/config/bind/bind.xml +++ b/config/bind/bind.xml @@ -160,7 +160,7 @@ <field> <fielddescr>Hide Version</fielddescr> <fieldname>bind_hide_version</fieldname> - <description>Hide the version of BIND, this prevents discover the version of our servers, use any exploit that exploits a vulnerability in Bind.</description> + <description>Hide the version of BIND (do not process queries to version.bind at all). This makes it more difficult to exploit the server.</description> <type>checkbox</type> </field> <field> |