This patch was developed because I found it unnecessary for djb's dnscache application to be running both TCP and UDP, as I had no TCP based DNS clients running within my network environment. I searched high and low for a simplistic method of disabling this unnecessary aspect of the service. Unfortunately, my findings were less then adequate. The most common provided solution to my problem was to filter TCP on port 53. This may work in a majority of cases, but this was certainly not the best approach in my opinion. Additionally, in my own situation I wanted to run the axferdns application included within djbdns-1.05 on the same host and IP, as the dnscache. This obviously was an issue when I found that dnscache was utilizing TCP port 53, and axfrdns also required the use of TCP port 53. You may be asking yourself "Why anyone would want to run the axfrdns application on the same host as the caching server?" While this is most certainly a fair question, but better saved for an entirely different article addressing DNS architect, specifically split horizon.

Finally, in addition to the previously mentioned issue, throughout my modifications I found instances where preprocessor defines were used within the dnscache source code. However, later in the dnscache source code these values are statically assigned with values rather then the preprocessor define keywords (e.g. TCPMAX). This patch remedies this obvious oversight, and uses the preprocessor defines throughout.

Ming is a C library for generating SWF ("Flash") format movies, plus a set of wrappers for using the library from C++ and popular scripting languages like PHP, Perl, Python, and Ruby.

I recently tried to install Ming on one of my machines and ran in to some difficulties. The original Makefiles call "make", which on FreeBSD, OpenBSD and NetBSD systems is BSD make, not GNU make. So, I've modified the Makefiles to call gmake instead. Another problem I ran in to is that "gmake install" tried to install a non-existant file that referenced Ming. I went ahead and corrected this as well in the Makefile and now it works fine in my test environment.

Stephanie is an OpenBSD hardening package; Viagra for the blowfish, if you will. It adds several security features not present in OpenBSD that many admins and users would like on their systems. Stephanie contains features both for compromise prevention and post-compromise damage reduce; or, last line of defense.

(broken file link fixed)