| Bill Jonas on Mon, 18 Mar 2002 16:54:00 -0500 |
|
On Mon, Mar 18, 2002 at 09:20:09AM -0500, pinkee@cavegirl.org wrote: > they actively change dns servers to make it harder to connect. Search The alternative to that is to run your own name server. It's really easy with Debian, just "apt-get install bind". Then look into overriding your DHCP options for name service. (I use ISC's dhclient (Debian package is called dhcp-client). It also has some neat hooks for running arbitrary commands after your IP address changes, which is handy if you run a firewall.) Major security bonus points if you change the listen-on directive so that it only accepts connections from 127.0.0.1 (and your internal interface if you're running this on your firewall/NAT box). The root nameservers don't change IPs (not that I'm aware of, anyway), so as long as you have an IP and a default route you should be good to go. You can maybe speed up the name resolution a bit if you use the forwarders and forward-first directive with your ISP's name server IP addresses. -- Bill Jonas * bill@billjonas.com * http://www.billjonas.com/ Developer/SysAdmin for hire! See http://www.billjonas.com/resume.html Attachment:
pgp0EMZgzIbMl.pgp
|
|