---------- Forwarded message ----------
From: Justin Newcomer <liquidice5@gmail.com>
Date: Aug 4, 2005 5:19 PM
Subject: Re: problem getting BIND 9.3.1 to start
To: robert@kormar.net


for the chrooted, I figure, its really easy to set it up that, if some
vulerability does come out, bind cant get to the rest of the system,
just its jailed environment

i dont know wwhat lwresd does, i dont run it (but dont tell anyone)

I would probably just move /bin/dig to /bin/dig.old
and since /usr/pkg/bin is already in your PATH, then you dont need to
link to it anyway

as for bind tools
these can be helpful if something doesnt work
named-checkconf
named-checkzone


On 8/4/05, Robert Cates <robert@kormar.net> wrote:
> Thanks Adrian, and Justin Newcomer!  I've got BIND up and running, in
> chroot.  But now I have a couple of follow-up questions:
>
> 1. At the end of the build/install I saw the message suggesting running B=
ind
> in the chroot environment for security reasons.  Apparently you're setup
> this way, but would you recommend it, really, especially if the server's
> behind a firewall?
>
> 2. What is lwresd (which I read needed to be added to /etc/rc.conf and
> running for Bind 9)?
>
> 3. What would be the best way to change from using the original dig (8.3)=
 in
> /usr/bin to the new 9.3.1 version in /usr/pkg/bin , with sym-links?
>
> 4. What other tools come with Bind besides dig?
>
> Thanks again!
> Robert
>
>