BIND 9 for Windows NT 4

BIND 9 for NT 4

Yet more shitty HTML, redux.

BIND 9.5.0-P1 from ISC doesn't work under NT4, so I compiled it. Get it here.

blahblah no warranty, blah etc. There are no viruses or trojans or backdoors or errors in this compilation to my knowledge, but you're getting this for free, so no whinging

Update, as of February 2009. Whilst the above is still true, please note that 9.5.0-P1 is the complete end of the line. It also has known security problems and I personally believe it leaks memory at times. After this release ISC source code is using the Winsock2 AcceptEx API, which is unsupported in NT4. This should be a good thing for later releases of Windows, as it provides overlapped I/O support. Upgrade now or stick on a Unix if you need BIND support - NT 4 is now an ex OS.

It should now be common knowledge that there is a significant vulnerability in many DNS implementations, including BIND. The details are now known, so servers and cacheing resolvers need patching ASAP.

Unfortunately, ISC do not produce a release of BIND for NT4 anymore. Understandable, as NT 4 is old, smelly, utterly unsupported and no doubt has various security holes of its own.

However, some people including myself still have to administer NT 4 servers, and thus I include a build of BIND 9.5.0-P1 for NT 4 here including MFC71.DLL and MSVCRT71.DLL.

I would, however, suggest that you ideally *don't* use it and compile it yourself. Otherwise you're trusting a guy you don't know (albeit a fabulously intelligent, handsome and modest guy) not to slip in code you don't trust.

Instructions for making it build under NT4 are therefore :

There are issues building it under Visual Studio 2005 and 2008 (runtimes don't support NT4). There may be routes round this, but frankly I don't have the time/inclination to look at it. Therefore use Visual Studio 6 or .NET 2003 (yes, both commercial products).

Obtain Nasm (for compiling assembly code in OpenSSL)

Obtain OpenSSL

Obtain Bind-9.5.0-P1

Do all the following command line operations using the visual studio command line

Install nasm, stick in path.

Unpack OpenSSL - follow build instructions (for C++ in .NET 2003 it just works). Run tests if you want to be certain it's all worked.

Untar BIND

In the same directory that contains the bind-9.5.0-p1 directory (i.e. from where you ran the tar command), create a directory called openssl-0.9.8d

Change into openssl-0.9.8d and xcopy all of the unpacked and compiled OpenSSL directory structure into here

create a new directory below openssl-0.9.8d called out32dll

copy everything from ..\lib into it

Change into the BIND directory.

Run BINDBuild to generate the workspace file

Load Visual Studio 6 or .NET 2003

Edit the include directories to include the OpenSSL include directory

Edit the lib directories to include the OpenSSL lib directory

Run compile - it will fail with an error, if I remember correctly, in event.h

edit event.h to #include <stdlib.h>

Build should now work

Yes, I know this could do with more detail. However, if you're not capable of filling in the mild gaps above you're not capable of compiling it either and should just download the package.

You can contact me at peter in the land of the domain syllopsium in the area of com. However, please note that I will now no longer entertain any fix to the above advice. 9.5.0-P1 has security issues, and I also have a suspicion it leaks memory. Upgrade now, the end has come.