----- Original Message ----- From: "Ben Reser" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, February 10, 2003 11:55 AM Subject: [Cooker] Re: [bind] named.ca out of date
> On Mon, Feb 10, 2003 at 10:42:14AM +0100, Oden Eriksson wrote: > > Hi. > > > > I used this pretty simple file for years to take care of the problem. I know > > this is not fool proof, but something like this could be used in Mandrake. > > > the_url="ftp://ftp.rs.internic.net/domain" > > the_file="named.cache" > > Not really necessary... Rarely do enough root servers get changed to > make a difference even if one is off. In this case the old ip is even > still working. J and A were at the same location so J's old ip has just > been redirected to A. > > Considering that this file hasn't been updated from Aug 1997 - Nov 2002, > I really can't imagine the need for a monthly cron. I forgot to mention that I used a static ip address in the hosts file, sort of an check if the root servers pointers had been tampered with, if the chrooted bind had been compromised. Otherwise I would have used dig to get the zone file ;) I don't monitor these bind servers 24/7, so I had to come up with something had the ns owners not noticed themselves... > I also don't think internic would appreciate us nailing their ftp site > once a month looking for the update. Nor can we count on when this file > gets updated 5 years from now that that URL will be valid. > > Probably the best thing to do is just make the SRPM download the file > from that ftp site. :) Guarantees new packages will always have the > correct file. Yes, that would be wise. > <sarcasm> > Besides with as often as we put out security updates for bind, it'll > even get updated for old distro versions. > </sarcasm> He he, yes ;)