小蘇的世界

DDNS (Dynamic DNS)
Dynamic Update is a method for adding, replacing or deleting records in a master server by sending it a special form of DNS messages. The format and meaning of these messages is specified in RFC 2136.
自譯：DDNS是一種用來新增、替換或刪除Master DNS server中Resource Record Data的方法…相關內容可見RFC文件冊編號2136
==> 文件冊看這兒RFC2136 <==

The logging statement configures a wide variety of logging options for the name server.
Its channel phrase associates output methods, format options and severity levels with a name that can then be used with the category phrase to select how various classes of messages are logged.

在官方說明文件的第三章中的Tools for use with the name server daemon
有提到rndc這個指令~

The remote name daemon control (rndc) program allows the system administrator to control the operation of a name server.
也就是允許遠端控制DNS Server 啦~

很多東西都有ACLs…但每種東西設定的方法都不一樣~

那DNS的ACLs是做什麼功能吶?

TSIG是做什麼的吶？

Transaction SIGnatures (TSIG) based transaction security in BIND. 啥米…有聽沒有懂～繼續往下看囉

看DNS的Master與Slave架構吧
比較於基本架構…稍微難一些~

Computers communicate with each other using their IP addresses. But for humans, it is simpler to address a computer using its name.
DNS (Domain Name System) is a distributed database system that guarantees unique computer names worldwide.
It provides computers with IP addresses when a user enters a computer name,and vice versa.

簡單來說…就是為了幫助人…記憶網路名稱(host.DomainName)與網路位址(IP Address)用的，反之也成立喔~ >.<

http://www.tcpdump.org/tcpdump_man.html <-- manual page

tcpdump can read all or certain packets going over the ethernet.
tcpdump is often used to save the network traffic in a file.

簡單來說…就是可以將流經網卡的封包抓取下來…存成檔案加以分析就對了~

OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user front-end.
The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications.

OpenVAS products are Free Software under GNU GPL and a fork of Nessus.

以上截自官網的初步介紹~大概可以了解這是一個開放的弱點評估與網路安全掃描的系統~是屬於Nessus的分支
安裝與使用一樣不難…重點在於發現弱點…解決弱點~

話說…第一次接觸這東西時是在多年前為了替中部的一個大型的公家機關進行弱點掃描…
這東西難絕對不是難在安裝和使用…出報表等等…而是如何解決掃描出來的弱點…~也是知識經濟所在