proper way to start named at boot?

Mark Damrose mdamrose at elgin.cc.il.us
Wed May 29 12:30:56 UTC 2002 

"Michael" <res04t3y at gte.net> wrote in message
news:ad11sv$8afk$1 at isrv4.isc.org...
> sorry, RedHat 7.0
> Thanks,
> --Michael-

RedHat has a script to maintain the Sym links for you.  From root do
#chkconfig --levels 2345 named on

> "Michael Kjorling" <michael at kjorling.com> wrote in message
> news:ad0o74$84g8$1 at isrv4.isc.org...
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > On May 28 2002 19:02 -0000, Michael wrote:
> >
> > > Hi,
> > > I have to start named (bind 8.2.2) manually after each reboot,
> > > /etc/init.d/named start. There must be a better way. Should I simply
put
> > > /etc/init.d/named start at the end of rc.local or is this a security
> > > problem? If there is a better way, please use full instructions as I
> don't
> > > know how to make symlinks or write scripts.
> > > Thanks,
> > > --Michael-
> >
> > There is a serious security problem with running an unpatched BIND
> > 8.2.2 - it has _known_ _remote_ _root_ _exploits_. Exploits that have
> > been known since - what is it now, like years. It's only a matter of
> > time before you get rooted, if you haven't already.
> >
> > Once you have upgraded to a non-vulnerable version (at the VERY least
> > 8.2.3, preferably 8.3.1 or 9.2.1), there are no known security risks
> > with starting named from one or another boot script. Exact
> > instructions are impossible to give since you do not tell us what
> > operating system you are running. I can only assume it is some Unix
> > variant.
> >
> >
> > Michael Kjörling
> >
> > - --
> > Michael Kjörling  --  Programmer/Network administrator  ^..^
> > Internet: michael at kjorling.com -- FidoNet: 2:204/254.4   \/
> > PGP: 95f1 074d 336d f8f0 f297 6a5b 2aa3 7bfd 8a70 e33e
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.0.7 (GNU/Linux)
> > Comment: Public key is at http://michael.kjorling.com/contact/pgp.html
> >
> > iD8DBQE88+MpKqN7/Ypw4z4RAu+cAJ4+3xOBxyLT3cJUYdKvRiSLUi0QUgCfep7M
> > 9VUXZbAa/zUu6CR73UzGwLI=
> > =yjVn
> > -----END PGP SIGNATURE-----
> >
> >
> >
>
>

More information about the bind-users mailing list