BIND will be set up chrooted to improve security; we will also use views to prevent abuse of the DNS server.
The basic configuration disables recursive queries and zone transfers by default. We also obscure the version of BIND we are running, so that script kiddies scanning for a known vulnerable version do not single us out.
options {
    directory "/var/named";
    pid-file "/var/run/named/named.pid";
    listen-on {
        127.0.0.1;
        192.168.1.5;
    };
    version "just guess";               // reported for version.bind CHAOS queries
    allow-recursion { localhost; };     // built-in ACL: recursion only for the local host
    allow-transfer { none; };           // built-in ACL: no zone transfers at all
};
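The following is an added verification script, not part of the original page: it sends raw DNS queries to the listen-on address above and checks that the version string is hidden and that recursion is refused. 192.168.1.5 and "just guess" come from the options block; www.example.net is an assumed name outside any zone the server hosts. Zone transfers run over TCP, so check allow-transfer separately (for example with dig @192.168.1.5 yourzone axfr).

```python
import socket
import struct

TXT, A, CHAOS, IN, REFUSED = 16, 1, 3, 1, 5  # DNS type/class/rcode constants

def build_query(name, qtype, qclass, rd, txid=0x1234):
    """Minimal DNS query; rd=True sets the RD bit (asks the server to recurse)."""
    header = struct.pack("!HHHHHH", txid, 0x0100 if rd else 0, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, qclass)

def parse_flags(resp):
    flags = struct.unpack("!H", resp[2:4])[0]
    return flags & 0x000F, bool(flags & 0x0080)  # (rcode, RA bit: recursion available)

def _skip_name(data, off):
    while data[off] and data[off] & 0xC0 != 0xC0:  # walk labels until root or pointer
        off += 1 + data[off]
    return off + (2 if data[off] else 1)           # pointer is 2 bytes, root label is 1

def txt_strings(resp):
    """Collect the strings of every TXT record in the answer section."""
    qd, an = struct.unpack("!HH", resp[4:8])
    off, out = 12, []
    for _ in range(qd):
        off = _skip_name(resp, off) + 4            # skip QTYPE + QCLASS
    for _ in range(an):
        off = _skip_name(resp, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", resp[off:off + 10])
        off, pos = off + 10, off + 10
        while rtype == TXT and pos < off + rdlen:  # TXT rdata: length-prefixed strings
            slen = resp[pos]
            out.append(resp[pos + 1:pos + 1 + slen].decode(errors="replace"))
            pos += 1 + slen
        off += rdlen
    return out

def udp_exchange(server, query):
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.settimeout(3)
    s.sendto(query, (server, 53))
    return s.recv(4096)

def audit(server="192.168.1.5"):  # listen-on address from the options block
    """Each value should be True once the options block above is in effect."""
    version = txt_strings(udp_exchange(server, build_query("version.bind", TXT, CHAOS, False)))
    rcode, ra = parse_flags(udp_exchange(server, build_query("www.example.net", A, IN, True)))
    return {"version_hidden": version == ["just guess"],
            "recursion_refused": rcode == REFUSED and not ra}
```

Run audit() from an address that is not localhost; from 127.0.0.1 the recursion check is expected to succeed because allow-recursion permits it there.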
The logging is customized to remove the annoying "lame-servers" and update errors that otherwise appear in the logs.
logging {
    category update { null; };           // dynamic update messages
    category update-security { null; };  // update authorisation messages
    category lame-servers { null; };     // misconfigured remote servers
};
Ensure that this is set in the file /etc/sysconfig/named (it is usually set by the bind-chroot package):
ROOTDIR=/var/named/chroot
To let the machine use this server for DNS resolution, edit /etc/resolv.conf and prepend:
nameserver 127.0.0.1