[linux-sec-uk] djbdns / dns

Doug Winter linux-sec-uk at mailman.lug.org.uk
Wed Aug 20 13:10:00 2003


--+KJYzRxRHjYqLGl5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed 20 Aug James Davis wrote:
> With the recent discusion of qmail/sendmail/... and an article on DNS
> posted to slashdot I'd be interested in experiences with djbdns,
> especially in comparison (security wise) with other DNS servers.
>=20
> Has anyone suffered a serious threat to the security of their DNS setup?

Anyone running BIND 8 will have had problems - it's had a succession of
security problems that make it a nightmare to maintain.

We moved to BIND 9 about 6 months ago, and that's been fine (as far as I
know).

Personally I think BIND 9 is good enough - certainly compared to the
pain you have to go through to use any DJB software :)

Cheers,

Doug.

--=20
6973E2CF print 2C95 66AD 1596 37D2 41FC  609F 76C0 A4EC 6973 E2CF
"Poets have been mysteriously silent on the subject of cheese."
     --G.K. Chesterton=20

--+KJYzRxRHjYqLGl5
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE/Q2TjdsCk7Glz4s8RAp5yAKCqrYDZDltwFmldzNNSXl6ZSVvFiQCguFJf
ZzlFi1NP60aVEsVKMTO7Bxg=
=AVwe
-----END PGP SIGNATURE-----

--+KJYzRxRHjYqLGl5--