3 simple questions
Ok my firewall is sweet. I only have two things I'd like to ask.
Here are some details. I have 2 NICs and am running DHCP and DNS on the inside. Running "netstat -avp" reveals the following:
tcp 0 0 *:1024 *:* LISTEN 649/rpc.statd
tcp 0 0 *:sunrpc *:* LISTEN 621/portmap
tcp 0 0 crxxxxxx.cpe.n:domain *:* LISTEN 1065/named
tcp 0 0 192.168.0.1:domain *:* LISTEN 1065/named
tcp 0 0 localhost.locald:domain *:* LISTEN 1065/named
tcp 0 0 *:ssh *:* LISTEN 881/sshd2
tcp 0 0 localhost.localdom:rndc *:* LISTEN 1065/named
tcp 0 288 crxxxxxxx.cpe.net.:ssh 2xx.xx.xxx.xxx:31852 ESTABLISHED 2950/sshd2 (<--- this is me)
udp 0 0 *:1024 *:* 649/rpc.statd
udp 0 0 *:1025 *:* 1065/named
udp 0 0 crxxxxxxx.cpe.n:domain *:* 1065/named
udp 0 0 192.168.0.1:domain *:* 1065/named
udp 0 0 localhost.locald:domain *:* 1065/named
udp 0 0 *:825 *:* 649/rpc.statd
udp 0 0 *:bootps *:* 848/dhcpd
udp 0 0 *:sunrpc *:* 621/portmap
raw 0 0 *:icmp *:* 7 848/dhcpd
It appears that named is listening for DNS requests on both the local and internet segment.
Question #1: How do I make it so it only listens on the internal LAN and have it do this every time the box is booted?
Question #2: It appears that DHCP is also listening on the external network. How do I set it to only listen inside?
Question #3: When I edit /var/log/secure, I see a lot of "DNS lookup failed for xxx.xxx.xxx.xxx". How can I set it to resolve the IPs? I'd like this to keep track of SSH2 logins. Thanks in advance!
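The questions above boil down to one check: on a dual-homed firewall, which services are bound to the wildcard address or to the external address instead of the LAN side? The script below is an added example, not part of the original post or of any answer to it. It replays the netstat output from the post (copied here as a constructed sample, with the cable-modem hostname crxxxxxx standing for the external address) through a small awk audit that prints every listening socket not bound to loopback or to 192.168.0.1. The internal address list is an assumption taken from the post; pass your own regex as the first argument.

```shell
#!/bin/sh
# Added example (not from the original post): audit a dual-homed host's
# listeners from `netstat -avp` output and flag anything that is not bound
# strictly to the internal side.

# Constructed sample, modelled on the netstat output in the post. The
# crxxxxxx.cpe.n hostname is the external (cable modem side) address.
NETSTAT_SAMPLE='tcp 0 0 *:1024 *:* LISTEN 649/rpc.statd
tcp 0 0 *:sunrpc *:* LISTEN 621/portmap
tcp 0 0 crxxxxxx.cpe.n:domain *:* LISTEN 1065/named
tcp 0 0 192.168.0.1:domain *:* LISTEN 1065/named
tcp 0 0 localhost.locald:domain *:* LISTEN 1065/named
tcp 0 0 *:ssh *:* LISTEN 881/sshd2
tcp 0 0 localhost.localdom:rndc *:* LISTEN 1065/named
tcp 0 288 crxxxxxxx.cpe.net.:ssh 2xx.xx.xxx.xxx:31852 ESTABLISHED 2950/sshd2
udp 0 0 *:1024 *:* 649/rpc.statd
udp 0 0 *:1025 *:* 1065/named
udp 0 0 crxxxxxxx.cpe.n:domain *:* 1065/named
udp 0 0 192.168.0.1:domain *:* 1065/named
udp 0 0 localhost.locald:domain *:* 1065/named
udp 0 0 *:825 *:* 649/rpc.statd
udp 0 0 *:bootps *:* 848/dhcpd
udp 0 0 *:sunrpc *:* 621/portmap
raw 0 0 *:icmp *:* 7 848/dhcpd'

# audit_listeners [internal-regex]
# Reads netstat output on stdin and prints one line per listening socket that
# is NOT bound to the internal side, as: CLASS PROTO LOCAL-ADDRESS PROGRAM.
#   WILDCARD  bound to * / 0.0.0.0 / :: (reachable on every interface)
#   EXTERNAL  bound to an address that does not match the internal regex
# Established connections are skipped. The default regex (an assumption for
# this example) matches loopback and the 192.168.0.1 LAN address in the post.
audit_listeners() {
    internal_re="${1:-^(127[.]0[.]0[.]1|localhost|192[.]168[.]0[.]1)}"
    awk -v re="$internal_re" '
        $1 !~ /^(tcp|udp|raw)/ { next }            # skip header lines
        $1 ~ /^tcp/ && $6 != "LISTEN" { next }     # only listening sockets
        {
            laddr = $4
            host  = laddr; sub(/:[^:]*$/, "", host) # strip the port/service
            prog  = $NF                             # pid/program column
            if (host == "*" || host == "0.0.0.0" || host == "::")
                class = "WILDCARD"
            else if (host ~ re)
                next                                # internal bind: fine
            else
                class = "EXTERNAL"
            printf "%s %s %s %s\n", class, $1, laddr, prog
        }'
}

# exposed_programs [internal-regex]
# Same input; prints the sorted, unique program names that own an exposed
# socket, i.e. the daemons whose configuration needs attention.
exposed_programs() {
    audit_listeners "$@" | awk '{ sub(/^[0-9]+\//, "", $4); print $4 }' \
        | LC_ALL=C sort -u
}

# Usage on a live box would be:  netstat -avp | audit_listeners
# Here we run it over the constructed sample instead.
printf '%s\n' "$NETSTAT_SAMPLE" | audit_listeners
printf '%s\n' "$NETSTAT_SAMPLE" | exposed_programs
```

On the sample this reports named on the external address (tcp and udp domain), and dhcpd, portmap, rpc.statd and sshd2 on the wildcard address. sshd2 on the wildcard may be intended, since the post shows the author logged in over it from outside; the rest are the real findings. The corresponding fixes, stated here as general BIND and ISC dhcpd configuration rather than anything confirmed by the thread: for Question #1, put `listen-on { 127.0.0.1; 192.168.0.1; };` inside the `options { ... };` block of named.conf and restart named, which persists across reboots because it lives in the config file; for Question #2, ISC dhcpd only answers on the interfaces named on its command line, so start it as `dhcpd eth1` (substituting the internal interface), which on Red Hat style systems is set as `DHCPDARGS=` in /etc/sysconfig/dhcpd so the init script applies it at boot. portmap and rpc.statd are NFS support daemons; if the firewall serves no NFS they can be stopped and removed from the boot runlevels rather than merely restricted. The "DNS lookup failed" lines in Question #3 come from the server's reverse lookup of the client's address; if the client IP has no PTR record there is nothing on the server side that will make it resolve.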