DNSSEC made simple, is this possible?

WBrown at e1b.org WBrown at e1b.org
Wed Jan 11 17:06:49 UTC 2012


I took the ISC 2 day Intro to DNS and BIND class.  The instructor made a 
good point that building from source frees you from the dependance on the 
distro's package maintainer.  As part of the class, we had to compile bind 
from scratch.  It was very straight forward ./configure, make, make 
install.  Options to the configure step allowed customization of the 
install if needed, but the defaults are pretty good.

In Ubuntu LTS versions, they do not update versions, other than minor revs 
for bug fixes.  I have some that are running Ubuntu 8.04LTS with bind 9.4. 
 I was worried with the recent vulnerability, but they quickly backported 
the fix.  But they're still runniing 9.4. :(  I am building new servers to 
replace them and I'm going with abare bones distro install and adding 
packages (compilers, etc) as I find I need them.  But the servers will be 
much leaner in terms of what is on them.

Perhaps other distros/flavors of *nix handle new versions differently.

bind-users-bounces+wbrown=e1b.org at lists.isc.org wrote on 01/11/2012 
11:50:01 AM:

> Now if FreeBSD would just add 9.9 to the ports
> collection, it would save me from having to build it by hand.. 




Confidentiality Notice: 
This electronic message and any attachments may contain confidential or 
privileged information, and is intended only for the individual or entity 
identified above as the addressee. If you are not the addressee (or the 
employee or agent responsible to deliver it to the addressee), or if this 
message has been addressed to you in error, you are hereby notified that 
you may not copy, forward, disclose or use any part of this message or any 
attachments. Please notify the sender immediately by return e-mail or 
telephone and delete this message from your system.



More information about the bind-users mailing list