Caught in a BIND
Jon Lasser, 2002-11-20

How did one of the Internet's most ubiquitous software packages grow up to be chronically insecure? History offers a lesson.

Caught in a BIND 2002-11-20
Anonymous (2 replies)
It's time to get out of the BIND

Save yourself at this address

http://cr.yp.to/djbdns.html...

Caught in a BIND 2002-11-22
Sam Pointer
To paraphrase a posting on comp.protocols.dns.bind: BIND is the reference implementation of ALL aspects of the DNS standards, not just the bits that are easy to get right (a la djbdns).

Fair enough, people are finding vulnerabilities in BIND. But what do you expect in a piece of mission critical so...

Caught in a BIND 2002-11-23
Anonymous
I personally would not recommend changing to djbdns just because it is deemed secure. I don't believe djb's software is as secure as he strives to make us believe it is. I would rather invite all those Hackers to build a list of possible attack avenues and test BIND thoroughly to make it even secur...

Caught in a BIND 2002-11-22
Anonymous
Insightful.

You only forgot to mention another solution:

another SECURE DNS Server.

I'd like to mention djbdns, which is routinely used by many sysadmins around the world.
Comes with NO security flaw, and even a 500$ cash reward for any security flaw found.

As performances are also impre...

Caught in a BIND 2002-11-24
Anonymous
As always with BIND security, it's common sense that helps with its security (or lack thereof).
Running it as its own user with no privileges, in a chrooted environment, etc. can also fix the security problems.

It's not always the software that's bad, it can also be simple misconfiguration, or misun...

Caught in a BIND 2002-11-24
Anonymous
In agreement with djbdns, doing what it should do in the *nix tradition, KISS....

Caught in a BIND 2002-11-26
Simon
I agree with dumping BIND 4 and BIND 8.

The upgrade from BIND 8 to BIND 9 is not challenging or difficult; it largely requires making the zone files standard conforming, and mastering rndc configuration. There are many shortcuts for doing this, including just AXFR zones from BIND 8. Systematic f...

Caught in a BIND 2002-12-02
Anonymous
get out of the bind and use djbdns...








 

Copyright 2009, SecurityFocus