software:dns:builddnsserver
Differences
This shows you the differences between two versions of the page.
software:dns:builddnsserver [2021/04/09 20:24] – created rodolico | software:dns:builddnsserver [2021/04/09 20:30] (current) – rodolico | ||
---|---|---|---|
Line 1: | Line 1: | ||
===== Install and configure Bind9 ===== | ===== Install and configure Bind9 ===== | ||
+ | |||
+ | BIND has been around for a while, and the nice thing about that is the good documentation. It even has a 200+ PDF you can download from [[https:// | ||
+ | |||
+ | ===== Basic Install ===== | ||
We use Devuan Linux for a lot of applications. The following code will install Bind9 on a Devuan server. | We use Devuan Linux for a lot of applications. The following code will install Bind9 on a Devuan server. | ||
Line 12: | Line 16: | ||
Note the last line. If this machine has a static IP address, it probably is pointing to a DNS server that is not internal. However, we have a fully functional name server right here, so why not use it? | Note the last line. If this machine has a static IP address, it probably is pointing to a DNS server that is not internal. However, we have a fully functional name server right here, so why not use it? | ||
+ | |||
+ | ===== Hardening ===== | ||
+ | |||
+ | BIND9 is pretty tried and true, so there are fewer attack vectors for it. However, it is fairly simple to harden the server by setting BIND9 to run in a chroot jail. In this case, even if someone does find a vulnerability, | ||
+ | |||
+ | ===== Links ===== | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
software/dns/builddnsserver.1618017852.txt.gz · Last modified: 2021/04/09 20:24 by rodolico