FreeBSD Server Administration


September 27, 2005

Sample of BIND Configuration Files

I noticed a few visitors came to this blog by searching for BIND configuration errors. I had trouble too, and later simply copied the configuration files from a Linux server. Here are my BIND 9 configuration files; if you have trouble making BIND work, you can use them directly or as a starting point. Please note that you may need to convert the text to Unix format, and that these steps from the handbook should be done first:
# cd /etc/namedb
# sh make-localhost

Add named_enable="YES" to /etc/rc.conf

My server is a typical dedicated server and doesn't rely on any other servers; everything is on this box, such as DNS, email, web server, FTP, etc.

In the sample files, I have a main domain "maindomain.com" for the server, and the host name is "hostname.maindomain.com". The DNS servers for all domains on this server are "ns1.maindomain.com" and "ns2.maindomain.com". All other domains can be configured like "otherdomain.com".

/etc/namedb/named.conf

Continue reading "Sample of BIND Configuration Files"


Category : DNS

Posted by FreeBSD Newbie at 09:54 PM | Comments (1)

September 14, 2005

Switch to pure-ftpd

WebHost Manager on my Linux VPS displayed the following message:

At this time, it is recommended that all customers using proftpd switch to pure-ftpd as soon as possible to eliminate a potential security hole. It is important to consider that this security hole has not been verified. Multiple reports of compromised machines which have Trojan horse binaries installed with the proftpd group have been received. We wish to acknowledge that there is only circumstantial evidence pointing to proftpd as the culprit, however we feel it is best to err on the side of caution.

Switching to pure-ftpd on WebHost Manager is as easy as one mouse click. It also solved a very annoying problem of proftpd: a delay of up to 15 seconds with new connections. This is a common problem of proftpd. I believe it's because of my poor configuration, but I can't fix it. Time to replace proftpd on FreeBSD too.

Install pure-ftpd on FreeBSD
# cd /usr/ports/ftp/pure-ftpd
# make install clean
# rehash

Start pure-ftpd; it doesn't need any configuration. A sample configuration file is available at /usr/local/etc/pure-ftpd.conf.sample, if needed.

# /usr/local/sbin/pure-ftpd &

If you want to chroot users (FTP clients see /home/account/ as /), start with the option "-A":
# /usr/local/sbin/pure-ftpd -A &

No anonymous login:
# /usr/local/sbin/pure-ftpd -E &

Run Pure-FTPd with a configuration file instead of command-line options:
# /usr/local/sbin/pure-config.pl /usr/local/etc/pure-ftpd.conf &
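
When the daemon is started from a configuration file, the -A and -E options shown above are no longer visible on the command line; in pure-ftpd.conf they correspond to the ChrootEveryone and NoAnonymous directives. The script below is an added example, not part of the original post: it checks a configuration file for both settings. The function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Audits a pure-ftpd.conf for the
# config-file equivalents of the -A and -E flags used above.
# Assumption: one "Key value" pair per line; the last occurrence is reported.

# conf_value FILE KEY: print the value set for KEY, ignoring "#" comments.
conf_value() {
    awk -v key="$2" '
        { sub(/#.*/, "") }                       # drop comments
        NF >= 2 && $1 == key { val = tolower($2) }
        END { if (val != "") print val }
    ' "$1"
}

# audit_pureftpd_conf FILE: print one line per weak setting and return the
# number of findings (0 means both settings are "yes").
audit_pureftpd_conf() {
    findings=0
    for pair in "ChrootEveryone:-A" "NoAnonymous:-E"; do
        key=${pair%%:*}
        flag=${pair#*:}
        val=$(conf_value "$1" "$key")
        if [ "$val" != "yes" ]; then
            echo "WEAK: $key is '${val:-unset}' (flag equivalent: $flag)"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}

# Constructed sample input: chroot is commented out, anonymous logins allowed.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# ChrootEveryone yes
NoAnonymous     no
MaxClientsNumber 50
EOF
audit_pureftpd_conf "$sample" || echo "findings: $?"
rm -f "$sample"
```

Point audit_pureftpd_conf at /usr/local/etc/pure-ftpd.conf before starting the daemon through pure-config.pl; a non-zero exit status means at least one of the two settings is not enabled.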


Category : FTP

Posted by FreeBSD Newbie at 02:36 AM | Comments (0)