#bind9 — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #bind9, aggregated by home.social.
-
@bortzmeyer Hey ! est-ce que tu as déjà implémenté la RFC8482 avec bind (oui je sais qu'elle est seulement proposed, mais semblerait supporté dans bind ... )
#dns #bind9 -
-
@jpmens Just guessing here but as the file actually has a Bind DB format, perhaps it’s handler remains open (as long as #Bind9 is running) and is just written to.
What happens when Bind is stopped/restarted?
Certainly @ondrej or anyone at @iscdotorg can most confidently reply. -
-
Visited #CSNOG26 conference, it was great event. I had to disable #DNSSEC validation on their wifi network. Asked for a contact to local network admin to ask what is the implementation used. Surprise, they said #bind9. If you operate anything old enough capable of ``dnssec-enabled no;``, please don't use it anyway. Use ``dnssec-validation no;`` only. It will stop servfail caused by validation failures, but won't prevent validation at clients. Fix your forwarders or firewalls if that is not ok
-
Haack's Networking - Authoritative DNS w/ Bind9
- root zone and base server cluster
- name server registration; glue records
- full CLI-driven zones/records
- full Webmin-driven zones/records
- DNSSEC howto for CLI & WebminWiki Tutorial: https://wiki.haacksnetworking.org/doku.php?id=computing:bind9dns
You can add zones/domains & create A, AAAA, SPF, DMARC, DKIM, SRV, CNAME, and/or any DNS record you want; it's self-hosting heaven ;O
#gnulinux #freesoftware #sysadmin #live #debian #peertube #bind9 #dns #opensource #selfhost
-
Haack's Networking - Informal Hacking Sessions #03
Today's agenda includes:
1) Writing the bind9 authoritative tutorial
2) Monitoring the rebuilt rsnapshot nodes
3) Editing and adding to the hard drive vitals posthttps://content.haacksnetworking.org/w/byjvKm4LXLLn7q4ngYaG8f
#gnulinux #freesoftware #sysadmin #live #debian #peertube #bind9 #dns
-
In November, Debian LTS contributors released 33 Debian LTS Advisories, fixing 219 CVEs across multiple packages. Notable updates included security fixes for bind9, unbound, pdfminer, firefox-esr, thunderbird, and the Linux 6.1 kernel.
In addition, the LTS team also contributed security updates to latest Debian releases and carried out significant work to revamp the LTS team documentation.
Read the full report here:
https://www.freexian.com/blog/debian-lts-report-2025-11/?utm_source=mastodon&utm_medium=socialThis work is funded through Freexian’s Debian LTS offering. Consider sponsoring Debian LTS (https://www.freexian.com/lts/debian/?utm_source=mastodon&utm_medium=social) to support this effort and benefit from it: https://www.freexian.com/lts/debian/details/#benefits
#freexian #debianLTS #debian #linux #bind9 #unbound #thunderbird
-
Bind9 question.
Can I allow-transfers on both port 53 and 853 with TLS?
If I list allow-transfer twice in a zone it won't start.
-
Just checked AlmaLinux container image. CentOS Stream were just created and Alma has #bind9 CVEs fixed already in their repos. If they say they got their changes from Stream, they are lying. These are RHEL fixes for RH customers only.
-
@neverpanic @bagder we got bitten in #bind9 by RSA1 signature verification regression. Is it possible to emulate RHEL default crypto policy also on Fedora somehow? To have it refuse SHA1 verification like on RHEL?
-
Рунет в стране кошмаров: ТОП/АНТИТОП уязвимостей октября
Как прошел ваш Хэллоуин? Вот мы в СайберОК качественно повеселились и попугались, потому что наши эксперты-охотники на привидений до самого рассвета рыскали по внешнему периметру Рунета и вытаскивали на свет главных монстров октября – как новых, так и хорошо забытых старых.
https://habr.com/ru/articles/963384/
#уязвимости #инстансы #cve #wsus #bind9 #патч #эксплойт #информационная_безопасность #rce #рунет
-
instalar #bind9 en @alpinelinux en un lxc de @proxmox es complicado y divertido.
Que buena y minimalista aplicación. -
Создание wildcart сертификата от Let`s Encrypt
Данный туториал является компиляцией информации по выпуску wildcart сертификата от let`s encrypt, с полезными дополнениями, без которых выпуск сертификата оказывается затруднительным. В статье используется bind9 - dns сервер и предполагается что вы уже делегировали ваш домен на свои DNS сервера.
-
Things I learnt about DNS:
1. You can't "redirect" an entire domain with CNAME, only subdomains, which is why my website has been broken.
2. You can't specify an AAAA record and use a wildcard for the A record. You have to explicitly put both.
If the IP changes, you have to change it everywhere. I wonder if there is a modern DNS server which lets you avoid this sort of data duplication.
-
What's the least #evil #DNS provider?
I've put some of my properties on #Cloudflare, and I can still hear the boo's.
#Google cloud DNS and #AWS are no better.I can put #Bind9 on my own #FOSS stacks, but I probably lack the uptime for reliability.
I'm moving away from my CPanel provider into my own #Selfhosting on a #VPS.
I'm thinking one NS on something reliable and one on my own stack.
What does #masodon hivemind recommend?
-
DNS-сервер на базе BIND9 на Ubuntu Server VMware Workstation
Я потратил на это в общей сложности 3 месяца и здесь сугубо мой опыт вперемешку с информацией из интернета. Здесь будет рассмотрена настройка Bind9 для виртуальной машины Ubuntu Server. Делаю я это под своими IP. Установка BIND9 Установим пакеты BIND9 и необходимые инструменты: sudo apt install bind9 bind9utils bind9-doc -y
-
Schöner DNS-Workaround, den ich bis jetzt noch nicht kannte/brauchte: Um die (z.B. aus versehen zu weit in die Zukunft gesetzte) serial number eines Eintrags zurückzusetzen, muss man einfach nur das 32-bit große Feld zum Überlauf und damit wieder auf 0 bringen. Anschließend kann man es neu auf den Wunschwert setzen 😅
-
Hey #PiHole, and #ISC #Bind9 admins, can someone explain this to me?
dig A pi.hole -> noerror
dig HTTPS pi.hole -> NXDOMAIN
dig A pi.hole -> NXDOMAIN -
I’m currently playing around with DNSSEC. I have a hidden primary BIND server sign my zone and push it to publicly-visible secondaries.
But for KSK rollovers, I have to use my registrar’s REST API to publish a new DS record set.
With opendnssec, when it’s time to publish a new set of DS records, it can call a script to that effect. Can BIND also run such custom commands?
