software:dns:builddnsserver
Differences
This shows you the differences between two versions of the page.
| software:dns:builddnsserver [2021/04/09 20:24] – created rodolico | software:dns:builddnsserver [2021/04/09 20:30] (current) – rodolico | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ===== Install and configure Bind9 ===== | ===== Install and configure Bind9 ===== | ||
| + | |||
| + | BIND has been around for a while, and the nice thing about that is the good documentation. It even has a 200+ PDF you can download from [[https:// | ||
| + | |||
| + | ===== Basic Install ===== | ||
| We use Devuan Linux for a lot of applications. The following code will install Bind9 on a Devuan server. | We use Devuan Linux for a lot of applications. The following code will install Bind9 on a Devuan server. | ||
| Line 12: | Line 16: | ||
| Note the last line. If this machine has a static IP address, it probably is pointing to a DNS server that is not internal. However, we have a fully functional name server right here, so why not use it? | Note the last line. If this machine has a static IP address, it probably is pointing to a DNS server that is not internal. However, we have a fully functional name server right here, so why not use it? | ||
| + | |||
| + | ===== Hardening ===== | ||
| + | |||
| + | BIND9 is pretty tried and true, so there are fewer attack vectors for it. However, it is fairly simple to harden the server by setting BIND9 to run in a chroot jail. In this case, even if someone does find a vulnerability, | ||
| + | |||
| + | ===== Links ===== | ||
| + | * https:// | ||
| + | * https:// | ||
| + | * https:// | ||
software/dns/builddnsserver.1618017852.txt.gz · Last modified: 2021/04/09 20:24 by rodolico