From: "Norman Rieß" <norman@smash-net.org>
To: gentoo-server@lists.gentoo.org
Subject: Re: AW: [gentoo-server] Wanted: Gentoo Enterprise Server success stories
Date: Tue, 18 Oct 2011 11:51:18 +0200 [thread overview]
Message-ID: <4E9D4C16.90805@smash-net.org> (raw)
In-Reply-To: <CAA2qdGUOXq-bUhtciuSHw7WCjzJ7vc0Yiw8WDujeiMN6SCjT5g@mail.gmail.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 10/18/11 09:37, Pandu Poluan wrote:
>> Every Xen VM is running its own kernel and needs to be restarted or
>> kexec'ed when this kernel is updated. If this is not the case, the VM is
>> vulnerable to kernel bugs just as any other physical system, even if the
>> host on which the VM is running is secure.
>> I assume BIND is updated and restarted as needed, but that is not enough.
>
> Does it matter if the DNS server is behind a firewall that allows only
> TCP+UDP traffic to port 53?
>
> Rgds,
>
Maybe, depending on the vulnerability.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJOnUwWAAoJEMCA6frkLT6zBcIIAIs1bYzO5dqt0riYWcgld7Y1
GNv6MoXu0QhEA8HP4sNvpV932pebuc8U1vHaVLvRpb36HJEifj9MOtBLCdJR/Ne/
ZPelAHforaSSqePJF44yhg1dPhWe13IUyZCMEjZwNqlhXVR36y8wvkotE0Af7ddc
5SNYyJnjl2nY9DzgsEiT+IEu7c0fvry35sqqv7rEZ8hGwnZZbH8k76RrLtmt7RQs
gg+oWX2IwGyjjw42Y83dHdDaaP07vAUStCr//rYsFVo1TrPZEm5pBzdHM+8iDbho
YBKSW0G2I40QXgOqFBh77oH24J8+ETAK9ugMry15GldS/SCGGjIoHmwGWnoHN/Y=
=Fl/M
-----END PGP SIGNATURE-----
next prev parent reply other threads:[~2011-10-18 9:51 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-08-21 6:24 [gentoo-server] Wanted: Gentoo Enterprise Server success stories Pandu Poluan
2011-10-08 22:41 ` Mark Shields
2011-10-09 11:37 ` Vladimir Rusinov
2011-10-11 18:38 ` Wilkins, Vern W
2011-10-10 7:20 ` Alessandro Storti Gajani
2011-10-12 12:52 ` AW: " Zemke, Kai
2011-10-17 11:43 ` Norman Rieß
2011-10-17 18:06 ` Pandu Poluan
2011-10-17 21:52 ` Brian Kroth
2011-10-18 5:12 ` AW: " Norman Rieß
2011-10-18 6:06 ` Matt Thode
2011-10-18 7:37 ` Pandu Poluan
2011-10-18 9:51 ` Norman Rieß [this message]
2011-10-12 18:49 ` Jonny Kent
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E9D4C16.90805@smash-net.org \
--to=norman@smash-net.org \
--cc=gentoo-server@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox