Securing the BIND DNS server

Two articles have been written, the focus of updates is on the v9 paper:

  1. Hardening BIND v8: bind_hardening8.html
  2. Running BIND v9 DNS Server securely: bind9_20010430.html

The Bind V9 paper walks through compiling, installing and configuring a chroot'ed BIND v9 on Solaris 2.6 and 8. It also presents examples of advanced topics such as TSIGs and dynamic updates. It is specific to version 9 but aims to help existing BIND 8 administrators realize what is involved in migrating to v9.

Although originally written in 2001, information may still be relevant to you, I no longer have productive Solaris servers - everything on Liinux these days.

Update 2012: