Automated DNSSEC (command line)
Michelle Konzack
linux4michelle at tamay-dogan.net
Fri May 28 23:11:26 UTC 2010
Hello Casey,
Am 2010-05-28 14:43:54, hacktest Du folgendes herunter:
> Yes, and you really should use one. The two most important things with
> signed zones are that your signatures don't expire, and that the right
> DNSSEC RRs are included in the zone. So not only does it need to be
> resigned after changes (to include the proper DNSSEC RRs), but also
> periodically make sure signatures don't expire. Here are a few of the tools
> written for that purpose:
>
> http://dnssec-tools.org/
> http://www.opendnssec.org/
> http://www.hznet.de/dns/zkt/
> http://zonetool.sourceforge.net/
Wow, I have to check the most suitabble for me
> Looks okay to me. Here's what your signed zone looks like visually:
>
> http://dnsviz.net/d/tamay-dogan.net/dnssec/
Cool tool...
> Although, it looks like you perhaps didn't increment the zone serial, as
> only one of your authoritative servers is running a signed version of the
> zone.
Now I have a problem with it because HOW can I increase the serialnumber
in this big file. In the old unsigned file I was working with a script,
but now I know nothing anymore.
Thanks, Greetings and nice Day/Evening
Michelle Konzack
--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux
itsystems at tdnet France EURL itsystems at tdnet UG (limited liability)
Owner Michelle Konzack Owner Michelle Konzack
Apt. 917 (homeoffice)
50, rue de Soultz Kinzigstraße 17
67100 Strasbourg/France 77694 Kehl/Germany
Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix
<http://www.itsystems.tamay-dogan.net/> <http://www.flexray4linux.org/>
<http://www.debian.tamay-dogan.net/> <http://www.can4linux.org/>
Jabber linux4michelle at jabber.ccc.de
ICQ #328449886
Linux-User #280138 with the Linux Counter, http://counter.li.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.pgp
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100529/c5f31ddb/attachment.bin>
More information about the bind-users
mailing list