Secure host.conf
Log into each server as root.
Edit the /etc/host.conf file.
Ensure this file has the following settings:
# Lookup names via DNS first then fall back to etc/hosts.
bind
hosts
# We have machines with multiple IP addresses.
multi on
# Check for IP address spoofing.
nospoof on
spoofalert on
Save the file.
IMPORTANT NOTE: This document is based on FreeBSD. The concepts
should be similar across operating systems, but the commands will very likely be different. Also, never
assume the directory structures exist in your system as written in the document. Never blindly follow
security instructions -- read, review, compare, apply as it fits your system.
|
