Am 03.09.2015 um 23:16 schrieb Robert Moskowitz:
On 09/03/2015 05:02 PM, Reindl Harald wrote:Am 03.09.2015 um 22:59 schrieb Robert Moskowitz:On 09/03/2015 04:35 PM, Leandro wrote:Ok ... I got BIND 9.10.2-P3 working. I compiled with ./configure --with-openssl --enable-threads --with-libxml2 --with-libjson make make install Json statistics channel is working and chroot is not longer mandatory.But do make sure you have selinux enforced. Or run behind multiple firewalls...behind *multiple firewalls* - ?!?! - oh come on and get serious instead promote snakeoil - typically BIND is *not* running as root and hence does not need any special handling compared to any other network service get rid of the horror stories from the 1990's..............I dealt with customers that did suffer from island hopping attacks. Deep penetration. They had some systems not registered and vulnerable allowing what was thought safe to be stolen.
and 1000 firewalls in front doing all the same would not have changed anything, so just don't spread FUD and suggest anything gets better by throwing *random* undefined things in front of wahtever service
But I am done with that work
hopefully
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users