
Ubuntu DNS Server (BIND)

# apt-get install bind9 (낮은 버전은 아래 사이트에서 구할 수 있음, 현재 최신 9.8.1b)

또는

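## Lines starting with '##' are reviewer comments; '# ' is the root prompt.
## Build BIND from a source tarball instead of installing the packaged bind9.
##
## NOTE(review): Ubuntu's SSH packages are openssh-client / openssh-server; the
## configure line below needs OpenSSL rather than SSH - confirm the intended package.
# apt-get install openssh
## The tarball is fetched over plain HTTP from a third-party mirror, so check it
## against the signature or checksum published by ISC before unpacking. 9.4.0 is
## far older than the 9.8.1b mentioned above; keep such a build on an isolated
## lab network rather than a production resolver.
# wget http://ftp.arcane-networks.com/pub/mirrors/ftp.isc.org/isc/bind9/9.4.0/bind-9.4.0.tar.gz
## 'cd' on the right-hand side of a pipe runs in a subshell and leaves the
## working directory unchanged, so chain with && to build inside the source tree.
# tar -xvf bind-9.4.0.tar.gz && cd bind-9.4.0
## Installs under /opt/bind9 but reads its configuration from /etc/bind.
# ./configure --prefix=/opt/bind9 --with-openssl=/usr/local/ssl --sysconfdir=/etc/bind
# make && make install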


root@LEOmaster:/etc/bind# cat named.conf
// Top-level named.conf: it only pulls in the other configuration files.
include "/etc/bind/named.conf.default-zones";
// Key file for the rndc control channel. It holds a shared secret, so it
// should be readable only by root and the account named runs as.
// NOTE(review): no `controls` statement is visible on this page - confirm
// where the key is actually referenced.
include "/etc/bind/rndc.key";


// Global server options (recursion, query source, client limits).
include "/etc/bind/named.conf.options";
// NOTE(review): the line below looks like a leftover from the stock file; no
// root-hints zone follows it here - presumably that zone is defined in
// named.conf.default-zones.
// prime the server with knowledge of the root servers


// Site-specific ACLs and zones.
include "/etc/bind/named.conf.local";

# root@LEOmaster:/etc/bind# cat named.conf.local

// Hosts allowed to request zone transfers from this master. Matching is on
// source address only. 192.168.x.x is the author's redaction; presumably it
// stands for the slave server - confirm before use.
// NOTE(review): an address ACL can be paired with a TSIG key so transfers are
// authenticated as well as address-filtered.
acl "leo" {
        192.168.x.x;
        127.0.0.1;
};

// Forward zone, authoritative copy.
zone "mydomain.com" {
        type master;
        file "/etc/bind/zones/mydomain.com.db";
        notify yes;                     // send NOTIFY when the zone changes
        allow-update { none; };         // dynamic updates refused
        allow-query { any; };           // queries accepted from anywhere
        allow-transfer { leo; };        // transfers only to the "leo" ACL
};

// Second forward zone, same policy as above.
zone "leotest.com" {
        type master;
        file "/etc/bind/zones/leotest.com.db";
        notify yes;
        allow-update { none; };
        allow-query { any; };
        allow-transfer { leo; };
};

// Reverse (PTR) zone, same policy as the forward zones.
zone "59.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/zones/rev.59.168.192.in-addr.arpa";
        notify yes;
        allow-update { none; };
        allow-query { any; };
        allow-transfer { leo; };
};

# root@LEOslave:/etc/bind# cat named.conf.local

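// Slave copies of the zones served by the master at 192.168.x.x (the author's
// redaction of the master's address).
//
// Each zone sets allow-transfer explicitly. The master limits transfers to its
// "leo" ACL, but older BIND 9 releases default to allowing transfers to any
// host when the option is absent, so an unrestricted slave would hand out the
// full zone contents that the master is configured to protect.
//
// NOTE(review): named must be able to write the transferred zone files; on
// Ubuntu the packaged AppArmor profile typically leaves /etc/bind read-only
// for named - confirm, or keep slave files in a directory named may write to.
zone "mydomain.com" {
        type slave;
        masters { 192.168.x.x; };
        file "/etc/bind/zones/mydomain.com.db";
        notify no;                      // do not re-notify other servers
        allow-query { any; };
        allow-transfer { none; };       // nobody pulls this zone from the slave
};

zone "leotest.com" {
        type slave;
        masters { 192.168.x.x; };
        file "/etc/bind/zones/leotest.com.db";
        notify no;
        allow-query { any; };
        allow-transfer { none; };
};

// Reverse (PTR) zone.
zone "59.168.192.in-addr.arpa" {
        type slave;
        masters { 192.168.x.x; };
        file "/etc/bind/zones/rev.59.168.192.in-addr.arpa";
        notify no;
        allow-query { any; };
        allow-transfer { none; };
};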

root@LEOmaster:/etc/bind# cat named.conf.options
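options {
        // Working directory of the server; relative file names elsewhere in
        // the configuration are resolved against it.
        directory "/etc/bind/zones";

        // The server answers recursive queries in addition to serving its own
        // zones. Who may use recursion is limited by allow-recursion below.
        recursion yes;

        // The original listing pinned outgoing queries to source port 53.
        // A fixed source port removes source-port randomization, so only the
        // 16-bit query ID stands between the resolver and spoofed answers
        // (cache poisoning). If a firewall sits between this server and the
        // name servers it queries, allow replies to the resolver's ephemeral
        // ports there instead of re-enabling this line.
        // query-source address * port 53;

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.
        // forwarders {
        //         0.0.0.0;
        // };

        // Recursion only for this host and directly attached networks, using
        // BIND's built-in ACLs. The original `any` made the server an open
        // resolver: usable by arbitrary hosts for traffic amplification and
        // exposed to poisoning attempts from anywhere.
        allow-recursion {
                localhost;
                localnets;
        };

        auth-nxdomain no;    # conform to RFC1035
        //listen-on-v6 { any; };

        // Upper bounds on simultaneous TCP clients and recursive lookups.
        tcp-clients 500;
        recursive-clients 5000;
};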

 #root@LEOmaster:/etc/bind/zones# cat leotest.com.db
; Zone data for leotest.com as served by the master.
; Default TTL for records that carry none of their own.
$TTL 3D
; SOA: primary name server, then the contact mailbox in DNS form.
@               IN      SOA     ns.leotest.com. admin.leotest.com. (
                                2011060301      ; serial - looks like YYYYMMDDnn; must increase
                                                ; on every edit or slaves keep the old copy
                                28800           ; refresh
                                3600            ; retry
                                604800          ; expire
                                38400           ; minimum (negative-caching TTL)
                                )
leotest.com.    IN      NS      ns.leotest.com.
; Host records. 192.168.x.x is the author's redaction of the real addresses.
ns              IN      A       192.168.x.x
leo             IN      A       192.168.x.x
www             IN      CNAME   leo
victim          IN      A       192.168.x.x
backtrack       IN      A       192.168.x.x
backtrack2      IN      A       192.168.x.x

 
