On Wed, 2008-07-23 at 17:37 -0500, Lanny Marcus wrote:
> On Sat, Jul 19, 2008 at 2:27 PM, John Hinton <webmaster at ew3d.com> wrote:
> > OK, so does anybody have a good firewall rule solution for what we're
> > supposed to be doing with bind these days? Obviously port 53 is no longer
> > enough.
>
> Consider using djbdns instead of BIND. It sounds like an excellent alternative
> to BIND.
----
always seemed to be a bad idea to me. If the point is to use a supported/maintained package system like Red Hat or CentOS, security updates are always applied through. When you go off packaging, you then become responsible for the software from installation to maintenance.

If you're going to use djbdns, why bother using CentOS?

Craig