On 3/12/2019 5:57 AM, SebA wrote:
I don't really understand why you would be negating the dns test on the server, rather than just removing it altogether.
A negated test is affirming a service is _not_ accessible.
Removing the test is not caring if the service is answering.
These are two different business needs.
Even if one confirms by some other means that a firewall product is running, there is only one way to confirm that product is doing its job. One must attempt to gain entry and see that access is denied.
--
Do things because you should, not just because you can.
John Thurston XXX-XXX-XXXX
user-ce4d79d99bab@xymon.invalid
Department of Administration
State of Alaska