Tiny Core Linux

Tiny Core Extensions => TCE Q&A Forum => Topic started by: Pats on December 18, 2013, 09:09:43 AM

Title: Nameserver, resolv.conf and security
Post by: Pats on December 18, 2013, 09:09:43 AM

Hi,

1] Suppose /etc/resolv.conf is like this

search xyznet
nameserver 0.0.0.0
nameserver 0.0.0.0

2] Using minefield or seamonkey etc , one directly connect to the site using the site's IP address - like :

https://nnn.nnn.nnn.nnn/thePage.htm

replacing nnn with the actual IP numbers, then is it a secure connection ? and will it cause any security problem from any intruders ?

Note: Netfilter....tcz is loaded via onboot.

3] Is it safe, to use free DNS like Norton or Google, in above 1] nameserver configration ?

Pl guide..

~Pats

Title: Re: Nameserver, resolv.conf and security
Post by: bmarkus on December 18, 2013, 09:17:39 AM

To serve an incoming https:// request there must be an applications processing such request (usually a WEB server). In this case question is wether this application is secure or not. By default no such servise running in TC.

Using a free DNS dos not impose security risk itself.

Title: Re: Nameserver, resolv.conf and security
Post by: Pats on December 18, 2013, 07:54:38 PM

Thnks, but I am not talking abt any web-server or not abt an incomming https request.
Suppose if one connect to an outside web page on the internet using above resolv.conf, then is it a secure connection or not, and if one connect to web then is it possible from anybody to intrude to one's PC while one is online?
Sorry, for not being properly clear from my-side.

Title: Re: Nameserver, resolv.conf and security
Post by: gerald_clark on December 18, 2013, 09:32:14 PM

resolv.conf has nothing to do with making a secure https connection to a web server.
Resolv.conf just defines which nameserver you use to get the web server's IP address.

Title: Re: Nameserver, resolv.conf and security
Post by: tinypoodle on December 19, 2013, 06:21:42 AM

Why "nameserver 0.0.0.0" instead of no entry?

Title: Re: Nameserver, resolv.conf and security
Post by: Pats on December 21, 2013, 06:39:04 AM

Thnks gerald_clark,tinypoodle ...
Got the points...

By the way, I have gone thru some interesting readings in the meantime:

A Quick Overview of Unbound: A Very Secure DNS Daemon
https://calomel.org/unbound_dns.html

The /etc/resolv.conf Catch 22
http://www.troubleshooters.com/linux/dns.htm

Space after nameserver entry in /etc/resolv.conf causes failed DNS lookups with ping6
https://bugzilla.redhat.com/show_bug.cgi?id=703239

A "failed to fetch" error occurs when apt-get update is run. How do I fix this?
http://askubuntu.com/questions/298177/a-failed-to-fetch-error-occurs-when-apt-get-update-is-run-how-do-i-fix-this

dnsmasq FAQ
http://www.thekelleys.org.uk/dnsmasq/docs/FAQ

~Pats