How can I launch a private Internet DNS server?
Paul Kosinski
bind at iment.com
Fri Oct 16 21:32:35 UTC 2020
With regard to using chroot, hasn't named/BIND long had the "-u" (user)
and "-t" (directory) options to accomplish the same thing more easily?
On Fri, 16 Oct 2020 12:47:35 -0500
Chuck Aurora <ca at nodns4.us> wrote:
> /me catching up on earlier parts of this thread,
>
> On 2020-10-15 11:42, alcol alcol wrote:
> > A DNS server can exist if you follow NIC instractions.
> > Mainly have you a leased line ever on? primary DNS can't be down or
> > NIC could down your domain.
> > Then you have to install and configure it. Better a fedora core , and
>
> I'm not sure what all that means (language barrier, perhaps), but I
> have some gripes with what I do understand.
>
> First, re: Fedora, no one distro/OS can truly claim to be best. The
> best advice to a beginner is to choose one and to learn it very well.
> Fedora can be a good choice, as can other GNU/Linux distros, as also
> can be various *BSD flavors. The point is: it depends what the user
> is comfortable to manage.
>
> > CHROOT, DNS is one of the services more targeted to enter inside a
> > system.
>
> False. A chroot is a fine idea if you know how to set it up and to
> maintain it, but it is certainly not a requirement for a beginner. A
> beginner in BIND (as in anything else) will do best by starting simple
> and building on what is learned.
>
> Also, while DNS is indeed a target of abuse, I honestly cannot recall
> a single exploit of BIND 9 that would lead to system penetration. It
> is true that BIND's named has had more than its share of security
> issues and bugs, but TTBOMK all of these have been crashes, causing
> only denial of service.
More information about the bind-users
mailing list