Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Installing BIND on a machine with InterScan Messaging Security Suite (IMSS) 7.1

    • Updated:
    • 29 Sep 2016
    • Product/Version:
    • InterScan Messaging Security Suite 7.1 Linux
    • Platform:
    • Linux - Red Hat RHEL 4 32-bit
    • Linux - Red Hat RHEL 5 32-bit
    • Linux - Red Hat RHEL 6 32-bit
    • Linux - SuSE 10
    • Linux - SuSE 9.0
Summary

Learn how to deploy BIND in a configuration system where InterScan Messaging Security Suite (IMSS) 7.1 Linux is already installed.

Details
Public

To install BIND in a machine with IMSS 7.1 Linux:

 
A hot fix, service pack, or patch regarding the IP profiler might be released in the future. If you will install BIND or IP profiler, you need to revert the product back to its initial build and apply the current build once the installation is completed.
  1. Remove the pre-installed BIND if its version is lower than 9.0. Otherwise, proceed to the next step.
  2. Run the following command to obtain the bind.tar from imss.tar.

    # tar xvf imss.tar

  3. Copy the bind.tar file to another directory (e.g. /temp/imss_bind) using the command below:

    # cp bind.tar /temp/imss_bind

  4. Run the command below to unzip the bind.tar file:

    # tar xvf bind.tar

  5. Run the following commands to set the owner, group, and permission:

    # chgrp -R imss bind
    # chown -R imss bind
    # chmod -R 555 bind
    # cp -f bind/named.conf /etc
    # cp -f bind/rndc.key /etc
    # mkdir -p /var/named
    # chmod 770 /var/named

  6. Run the following command if the user name or group does not exist. Otherwise, proceed to the next step.

    # groupadd named
    # useradd -g named -s /bin/false -d /var/named named

  7. Configure the BIND setting using the following commands:

    # chown named:named /var/named
    # mkdir -p /var/run/named
    # chmod 770 /var/run/named
    # chown named:named /var/run/named
    # chown named:named /etc/named.conf
    # chown named:named /etc/rndc.key
    # chmod 555 /etc/named.conf
    # chmod 555 /etc/rndc.key

  8. Move the bind directory to the IMSS installation directory. By default, the IMSS installation directory is /opt/trend/imss.

    cp -aR bind /opt/trend/imss/bind

    The settings should be similar to the following:

    # pwd
    		/opt/trend/imss/bind
    		# ls -l
    		-r-xr-xr-x  1 imss imss    2029 Oct  5 13:47 bindctl.sh
    		-r-xr-xr-x  1 imss imss 2840851 Nov 17  2008 dig
    		-r-xr-xr-x  1 imss imss      82 Dec  1  2008 dig.sh
    		-r-xr-xr-x  1 imss imss 3829011 Nov 17  2008 named
    		-r-xr-xr-x  1 imss imss     694 Sep 12  2007 named.conf
    		-r-xr-xr-x  1 imss imss  637396 Nov 17  2008 rndc
    		-r-xr-xr-x  1 imss imss     132 Sep 12  2007 rndc.key
    		-r-xr-xr-x  1 imss imss      83 Dec  1  2008 rndc.sh
  9. Edit the foxdns.ini file. By default, the file is located in opt/trend/imss/config.

    dig_path=/opt/trend/imss/bind/dig
    rndc_path=/opt/trend/imss/bind/rndc
    named_pid_path=/var/run/named/named.pid
    named_db_path=/var/named/ipprofiler

  10. Edit /opt/trend/imss/bind/bindctl.sh similar to the following:

    #LD_LIBRARY_PATH=_PKG_INSTALL_ROOT_/bind:_PKG_INSTALL_ROOT_/lib
    LD_LIBRARY_PATH=/opt/trend/imss/bind:/opt/trend/imss/lib
    export LD_LIBRARY_PATH
    PS_CMD="ps -ef --width 1000"
    #BIND_BASE=_PKG_INSTALL_ROOT_/bind
    BIND_BASE=/opt/trend/imss/bind

  11. Edit /opt/trend/imss/bind/rndc.sh similar to the following:

    export LD_LIBRARY_PATH=.:/opt/trend/imss/lib
    /opt/trend/imss/bind/rndc $1 $2

  12. Edit /opt/trend/imss/bind/dig.sh similar to the following:

    export LD_LIBRARY_PATH=.:/opt/trend/imss/lib
    /opt/trend/imss/bind/dig $1 $2

  13. Create an IP Profiler directory under /var/named.

    # mkdir /var/named/ipprofiler
    # chgrp -R imss /var/named/ipprofiler
    # chown -R imss /var/named/ipprofiler

    The settings should be the same as below:

    # pwd
    		/var/named
    		# ls -l
    		drwxr-xr-x  2 imss imss 4096 Oct  5 10:49 ipprofiler
  14. The /opt/trend/imss/script/S99FOXDNS should start and create the db.all.foxhunter.trendmicro.com file under /var/named/ipprofiler. If there is no db.all.foxhunter.trendmicro.com file, you can manually create a ZONE file with the said file name like below:

    $TTL 86400
    @ IN SOA all.foxhunter.trendmicro.com. root.all.foxhunter.trendmicro.com.(
    2010030810 ; serial number
    28800 ; refresh
    14400 ; retry
    3600000 ; expire
    86400 ) ; default TTL
    IN NS all.foxhunter.trendmicro.com.
    IN A 127.0.0.0

  15. If you manually created a db.all.foxhunter.trendmicro.com file as mentioned in the previous step, run the following command to set the owner, group, and permission. Otherwise, proceed to the next step.

    # chown imss /var/named/ipprofiler/db.all.foxhunter.trendmicro.com
    # chgrp named /var/named/ipprofiler/db.all.foxhunter.trendmicro.com
    # chmod 644 /var/named/ipprofiler/db.all.foxhunter.trendmicro.com

  16. Perform the following command:

    # /opt/trend/imss/bind/bindctl.sh start

  17. Install the IP Profiler.
  18. Reload all IMSS services.
    1. Stop the InterScan Messaging Security Suite services.
    2. Start the InterScan Messaging Security Suite services:

      # /opt/trend/imss/script/imssstart.sh

  19. Copy the following file and set permission:

    # cp /opt/trend/imss/bind/bindctl.sh /etc/init.d/S99bindctl
    # chmod 555 /etc/init.d/S99bindctl

  20. Copy the following file and set permission:

    # cp /opt/trend/imss/script/S99FOXDNS /etc/init.d/S99FOXDNS
    # chmod 775 /opt/trend/imss/script/S99FOXDNS

  21. Run the following commands to create symbolic link:

    # cd /etc/rc.d/rc3.d
    # ln -s /etc/rc.d/init.d/S99bindctl
    # ln -s /etc/rc.d/init.d/S99FOXDNS

  22. Create symbolic links to /etc/rc.d/rc2.d and /etc/rc.d/rc5.d using the following commands:

    # cd /etc/rc.d/rc2.d
    # ln -s /etc/rc.d/init.d/S99bindctl
    # ln -s /etc/rc.d/init.d/S99FOXDNS

    # cd /etc/rc.d/rc5.d
    # ln -s /etc/rc.d/init.d/S99bindctl
    # ln -s /etc/rc.d/init.d/S99FOXDNS

The setup is now complete.

Premium
Internal
Rating:
Category:
Deploy
Solution Id:
1115344
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.