1.5 Installing ISC BIND 9 - named location

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The ISC BIND Benchmark recommends using the binary packages provided by your platform vendor for most situations in order to reduce the effort and increase the effectiveness of maintenance and security patches. The Red Hat Enterprise Linux 7 has been used for testing the benchmark.

Rationale:

The benefits of using the vendor supplied binaries include:

- Ease of installation.
- It is customized for your OS environment.
- It will be tested and have gone through QA procedures.
- Additional software you may need is likely to be included, such as chroot setup and startup scripts.
- Your vendor will tell you about security issues so you have to look in less places.
- Updates to fix security issues will be easier to apply.

However, building from source is suitable for those that want full control of the build process, prefer to build from source, or do not have a suitable package available for their platform. Source download and build information is available on the ISC website knowledge base at the URL reference below.

Solution

Installation depends on the operating system platform. The following commands were tested on RHEL7.

# yum install bind
. . .
# yum install bind-chroot
. . .

See Also

https://benchmarks.cisecurity.org/downloads/show-single/?file=bind.300

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6

Plugin: Unix

Control ID: 0ecca92cae4aad9d0cca48560fde0e125203fa127449bdd3df98d67519c1be96