|
Configure DNSSEC on BIND9 on Debian 6, Ubuntu 11.10 |
vote
 |
|
| This guide explains how you can configure DNSSEC on BIND9 on Debian Squeeze and Ubuntu 11.10. It covers how to enable DNSSEC on authoritative nameservers (master and slave) and on resolving nameservers, creation of keys (KSKs and ZSKs), signing of zones, key rolling with rollerd, zone file checking with donuts, creation of trust anchors, using DLV (DNSSEC look-aside validation), and getting your DS records into the parent's zone. read more... |
|
| | permapage | score:8096 | -falko, April 19, 2012 |
|
Tutorial: A MySQL based DNS Server: MyDNS |
vote
|
|
In this tutorial I will describe how to install and configure MyDNS, a DNS server that uses a MySQL database as backend instead of configuration files like, for example, Bind or djbdns. This has the advantage that you can easily use web-based frontends to administrate your DNS records. You could even write your own frontend, e.g. using PHP, to interact with the MyDNS database. MyDNS simply reads the records from the database, and it does not have to be restarted/reloaded when DNS records change or zones are created/edited/deleted! This is a major advantage.
I will also show how to set up a secondary DNS server, but I will not use normal zone transfers to get the records from the primary to the secondary DNS server; instead, I will use MySQL database replication. I will simply replicate the data from the primary to the secondary server.
There are multiple web frontends to MyDNS. Of course, you can use phpMyAdmin for the MyDNS administration, or you can use the web frontend that comes with MyDNS (which is not for beginners because it lacks the field descriptions), or you can use MyDNSConfig, a tool written by myself. I will show how to install each of them. read more... |
|
| | mail this link | permapage | score:8039 | -falko, January 23, 2006 |
|
Tutorial: Build a DNS server with ISC BIND |
vote
|
|
| This tutorial from dW shows you how to leverage Linux to get the most from your network. Specifically, it describes how to set up DNS with Internet Systems Consortium (ISC) BIND. Sample code and configuration files are provided throughout to aid understanding. read more... |
|
| | permapage | score:8009 | -Idean Momtaheni, November 24, 2004 |
|
Patch BIND9 against DNS cache poisoning on Linux |
vote
|
|
| Dan Kaminsky earlier this month announced a massive, multi-vendor issue with DNS that could allow attackers to compromise any name server - clients, too. These two articles explain how you can fix a BIND9 nameserver on Debian Etch and Fedora/CentOS so that it is not vulnerable anymore to DNS cache poisoning. read more... |
|
| | mail this link | permapage | score:7994 | -falko, July 29, 2008 |
|
OpenVZ Tutorial: Build virtual host with Web, MySQL, Email, DNS servers on Debian 6 |
vote
|
|
| This tutorial describes how you can set up a single dedicated server as a virtual multiserver environment using OpenVZ with dedicated Web & MySQL, Email and DNS servers on Debian Squeeze. Also, you will learn how to maintain all these servers. As an addition, you will learn how to install some very useful packages on all of them, how to protect them and how to monitor them. At the end you will have a fully functional virtual multiserver environment, ready for shared hosting. read more... |
|
| | permapage | score:7992 | -falko, May 26, 2012 |
|
Tutorial: Install MyDNS-NG, MyDNSConfig 3 on Debian |
vote
|
|
| In this tutorial I will describe how to install and configure MyDNS-NG and MyDNSConfig 3 on Debian Lenny. MyDNS-NG is a DNS server that uses a MySQL database as backend instead of configuration files like, for example, Bind or djbdns. MyDNSConfig is an easy to use web-based interface to MyDNS-NG. MyDNSConfig can create all types of DNS records that are available in MyDNS and adds features like user management and access privileges. read more... |
|
| | permapage | score:7898 | -falko, April 10, 2009 |
|
Tutorial: Configuring Secondary DNS |
vote
|
|
This is the easy part.
A master DNS server contains the zone files which dictate the IP addresses and hostnames for a zone. A slave DNS server contains the same information, but must obtain its information from a master DNS server. For example, when a primary name server starts, it reads the zone information from files on the disk. However, when a slave name server starts, it asks the primary for the information. read more... |
|
| | permapage | score:7874 | -Alex, July 27, 2000 (Updated: June 23, 2003) |
|
How to set up a caching DNS server |
vote
|
|
Eliminate lots of DNS queries to make your connection seem faster...
You can run a DNS cache on your computer. This will speed up the process of looking up domain names when browsing. The difference is about 30-60 ms for me. Multiply that difference by the number of websites you visit a day for an approximate estimate of the speed improvement. Of course, all this would be worth it if it weren’t for the fact that setting this up is way too easy. read more... |
|
| | permapage | score:7833 | -Ray, August 8, 2006 |
|
Install PowerDNS, MySQL, Poweradmin on Debian |
vote
|
|
| This article shows how you can install the PowerDNS nameserver (with MySQL backend) and the Poweradmin control panel for PowerDNS on a Debian Lenny system. PowerDNS is a high-performance, authoritative-only nameserver - in the setup described here it will read the DNS records from a MySQL database (similar to MyDNS), although other backends such as PostgreSQL are supported as well. Poweradmin is a web-based control panel for PowerDNS. read more... |
|
| | permapage | score:7817 | -falko, July 17, 2010 |
|
Tutorial: Run DNS Servers on Debian 6 |
vote
|
|
| This tutorial shows how you can run your own DNS servers (primary and secondary) with ISPConfig 3. To do this, you need two servers with two different public IP addresses and with ISPConfig 3 installed. I will use Debian Squeeze for both DNS servers here to demonstrate the base system setup process and ISPConfig 3 installation, but once you have ISPConfig 3 installed on your servers, the configuration inside ISPConfig 3 is identical, no matter what distribution you use. read more... |
|
| | permapage | score:7777 | -falko, July 21, 2011 |
|
Determine DNS nameserver versions remotely with fingeprinting tool |
vote
|
|
By hiding your DNS server version number you can improve server security. fpdns is a program that remotely determines DNS server versions. It does this by sending a series of borderline DNS queries which are compared against a table of responses and server versions. (just like nmap command's remote OS detection facility).
A nameserver basically responds to a query. Interoperability is an obvious requirement here. The standard protocol behavior of different DNS implementations is expected to be the same. read more... |
|
| | mail this link | permapage | score:7736 | -nixcraft, December 21, 2007 |
|
Tutorial: Set up MyDNS on Ubuntu with MyDNSConfig |
vote
|
|
| In this tutorial I will describe how to install and configure MyDNS and MyDNSConfig. MyDNS is a DNS server that uses a MySQL database as backend instead of configuration files like, for example, Bind or djbdns. The advantage is that MyDNS simply reads the records from the database, and it does not have to be restarted/reloaded when DNS records change or zones are created/edited/deleted. A secondary nameserver can be easily set up by installing a second instance of MyDNS that accesses the same database or, to be more redundant, uses the MySQL master / slave replication features to replicate the data to the secondary nameserver. read more... |
|
| | mail this link | permapage | score:7725 | -falko, March 12, 2007 |
|
Tutorial: Install MyDNS, MyDNSConfig 3 on Fedora 10 |
vote
|
|
| In this tutorial I will describe how to install and configure MyDNS and MyDNSConfig 3 on Fedora 10. MyDNS is a DNS server that uses a MySQL database as backend instead of configuration files like, for example, Bind or djbdns. MyDNSConfig is an easy to use web-based interface to MyDNS. MyDNSConfig can create all types of DNS records that are available in MyDNS and adds features like user management and access privileges. read more... |
|
| | permapage | score:7643 | -falko, May 24, 2009 |
|
Using the Domain Name Service (DNS) |
vote
|
|
You know my name, look up my number...
...it's estimated that more than 50,000 new domain names are registered each day. The Domain Name Service (DNS, also often referred to as the Domain Name System) was created to help solve this problem. DNS is essentially a huge conga line of servers (called name servers) snaking through the Internet. For any computer connected to the Net, a given DNS server can provide you with that computer's host name and IP address information itself, or the server knows how to find other name servers that will have that information.
In this story we give a general overview of the DNS system, how it's implemented on Linux, and how to configure it. We describe the files that hold the configuration information and host database and where they're located. Sample configuration files are also included to get you started with your own DNS setup. read more... |
|
| | mail this link | permapage | score:7585 | -Ray, December 5, 2000 (Updated: August 27, 2003) |
|
Install PowerDNS and Poweradmin on Ubuntu 8.10 |
vote
|
|
| This article shows how you can install the PowerDNS nameserver (with MySQL backend) and the Poweradmin control panel for PowerDNS on an Ubuntu 8.10 system. PowerDNS is a high-performance, authoritative-only nameserver - in the setup described here it will read the DNS records from a MySQL database (similar to MyDNS), although other backends such as PostgreSQL are supported as well. Poweradmin is a web-based control panel for PowerDNS. read more... |
|
| | permapage | score:7526 | -falko, January 30, 2009 |
|
Install PowerDNS and Poweradmin on Fedora Linux |
vote
|
|
| This article shows how you can install the PowerDNS nameserver (with MySQL backend) and the Poweradmin control panel for PowerDNS on a Fedora 10 system. PowerDNS is a high-performance, authoritative-only nameserver - in the setup described here it will read the DNS records from a MySQL database (similar to MyDNS), although other backends such as PostgreSQL are supported as well. Poweradmin is a web-based control panel for PowerDNS. read more... |
|
| | permapage | score:7486 | -falko, February 13, 2009 |
|
Install PowerDNS, MySQL, Poweradmin on Fedora 12 |
vote
|
|
| This article shows how you can install the PowerDNS nameserver (with MySQL backend) and the Poweradmin control panel for PowerDNS on a Fedora 12 system. PowerDNS is a high-performance, authoritative-only nameserver - in the setup described here it will read the DNS records from a MySQL database (similar to MyDNS), although other backends such as PostgreSQL are supported as well. Poweradmin is a web-based control panel for PowerDNS. read more... |
|
| | permapage | score:7358 | -falko, June 21, 2010 |
|
Safer, faster browsing with OpenDNS |
vote
|
|
Free services and extra security added on top of DNS with OpenDNS...
"OpenDNS runs a really big, smart cache, so every OpenDNS user benefits from the activities of the broader OpenDNS user base," says Allison Rhodes, community manager of OpenDNS. She says OpenDNS runs a high-performance network that is geographically distributed and serviced by several redundant connections. read more... |
|
| | permapage | score:7358 | -Ray, February 1, 2007 |
|
Security: Understanding DNS Attacks |
vote
|
|
Minimizing the vulnerabilities of the Domain Name System...
Understanding the mechanics behind DNS is important when securing your DNS server. DNS is robust and full featured; understanding what resources each DNS action requires will allow administrators to disable unnecessary features, therefore achieving a minimalist and secure DNS server. This section reviews the basics of DNS mechanics. Domain name information is stored in flat text files called zone files. User requests and server replies are simple text-file searches and take very few system resources. Some newer DNS technologies allow for write access to update record data and other configurations remotely. However, unless write access is explicitly enabled, from an end user perspective DNS should be referred to as a read-only service. DNS is mechanically broken up into records, servers, and their respective chains of authority from the root servers... read more... |
|
| | mail this link | permapage | score:7353 | -Ray, May 17, 2004 |
|
Simple DNS-based ad blocking for Linux, BSD |
vote
|
|
Since most of the more annoying web advertisements come from only a very few sources, this clever solution is easy to implement and quite effective. Of course, this technique will work for any operating system on which running a DNS server is convenient.
People who use the Web these days have probably developed extremely good "mental filters" that allow them to ignore the blizzard of banner ads, pop-ups, and other chaff, which seem to make up the majority of the content on many major Web sites. But one day the flashing, jumping, singing, whiz-bangy-ness of it all got to me and I decided to do something to reduce the amount of visual noise I had to deal with when surfing the Web. The bonus was that once I was able to eliminate 90% of the advertising from the sites I was visiting, my Web browsing sped up enormously.
Let me preface my solution by stating that it requires that you run your own local DNS servers, as I do on my home-office network. read more... |
|
| | mail this link | permapage | score:7276 | -Ray, January 20, 2004 |
|
|
