Installing bind is not very clear for me
Robert Moskowitz
rgm at htt-consult.com
Thu Sep 3 21:16:36 UTC 2015
On 09/03/2015 05:02 PM, Reindl Harald wrote:
>
>
> Am 03.09.2015 um 22:59 schrieb Robert Moskowitz:
>> On 09/03/2015 04:35 PM, Leandro wrote:
>>> Ok ...
>>> I got BIND 9.10.2-P3 working.
>>> I compiled with
>>>
>>> ./configure --with-openssl --enable-threads --with-libxml2
>>> --with-libjson
>>> make
>>> make install
>>>
>>> Json statistics channel is working and chroot is not longer mandatory.
>>
>> But do make sure you have selinux enforced. Or run behind multiple
>> firewalls...
>
> behind *multiple firewalls* - ?!?! - oh come on and get serious
> instead promote snakeoil - typically BIND is *not* running as root and
> hence does not need any special handling compared to any other network
> service
>
> get rid of the horror stories from the 1990's..............
I dealt with customers that did suffer from island hopping attacks. Deep
penetration. They had some systems not registered and vulnerable
allowing what was thought safe to be stolen.
But I am done with that work.
More information about the bind-users
mailing list