[rescue] BIND 9 conf file example needed...
rescue at sunhelp.org
rescue at sunhelp.org
Sun Dec 22 21:43:42 CST 2002
> Some resources:
> http://www.isc.org/products/BIND/contributions.html
Note that ISC hasn't had enough funding lately and IMHO
there are parts of their website that aren't getting
enough updates--particularly with BIND 9-specific stuff.
I strongly recommend
http://www.cymru.com/Documents/secure-bind-template.html
http://www.unixwiz.net/techtips/bind9-chroot.html
http://www.nominum.com/content/documents/bind9arm.pdf
as worthwhile resources that are BIND 9-specific and are
not listed on that ISC page (the ARM is referenced from
another part of the ISC site, and really doesn't have anything
more than the HTML documentation, but might be easier to read
in printed form.) The canonical list of DNS resources remains
http://www.dns.net/dnsrd/
> and specifically:
> http://www.acmebw.com/resources/papers/securing.pdf
That "securing BIND" presentation might be slightly out-of-date
by now--note that it was written for BIND 8.2.2p5 before BIND 9
was production-grade, and Acme Byte and Wire is no longer viable
to my knowledge (bought by VeriSign, and Cricket had left there
and worked for Men and Mice last I knew--see the main www.acmebw.com
page). The basic principles of DNS security as outlined in that
PDF (dated 2000) are still worth understanding, but some specific
config file options have changed.
--Rip
More information about the rescue
mailing list