[nsd-users] Logfile/verbosity and master/slave

Stephane Bortzmeyer bortzmeyer at nic.fr
Tue Dec 16 16:28:04 CET 2008


On Thu, Dec 11, 2008 at 12:15:11PM -0700,
 Lew Payne <lew.payne at gmail.com> wrote 
 a message of 54 lines which said:

> The problem with diagnosing this with external tools (tcpdump,
> et-al) is that you must run the process in promiscuous mode, and
> thus generate a security concern.

Adding a lot of code to NSD is a more important security concern to
me.

Most people who run such capture tools do not run them on the name
server, anyway, but on a dedicated machine, with Ethernet port
mirroring to copy the queries or responses to it.



More information about the nsd-users mailing list