Chris Moore wrote: > > Fritz said, and others discussed: - > >> I am thinking of replacing Net::DNS::Resolver by dig commands? >> Is this too much hassle for the windows folks? > > <* snip *> > servers since around 1996 - starting with BIND 4 on a '486 running NT4, and > currently run the BIND version of dig on my laptop, BTW. > <* snip *> > > <* snip *> > Fritz is proposing alternative (3), which seems reasonable in the > circumstances. If an ASSP user doesn't install dig, he doesn't get the > functions that it provides. If we don't use dig, no one gets the > functionality. If the functionality is valuable, the choice is obvious. > <* snip *> > > Blinding logic, perfect reasoning, well argued.
This assumes that "Net::DNS::Resolver" is broken and/or can't be fixed or worked around in an elegant or reasonable manner. Fritz only said he was thinking of replacing the Perl modules functionality with the external program Dig. I personally am against this, reliance on external software for core functionality is not something I think should be done for ASSP. Fritz could you please expand on what you want to use Dig for exactly? > What is the impact of running BIND (or dig) on my server(s)? > Does BIND interfere with Microsoft settings or values? > Does BIND pose a security threat to my server(s)? BIND is a DNS server. You would not have to run BIND just the program Dig. Also I think you mean "Would running BIND result in a security vulnerability on your server(s)". Richard Bejtlich: "A threat is a party with the capabilities and intentions to exploit a vulnerability in an asset. A vulnerability is a weakness in an asset that could lead to exploitation." But let's not debate that here (off-list if we must, as you mentioned earlier) Oh and to answer the question of it posing a vulnerability, that depends but I doubt it. BIND is probably the most used DNS server on the planet. It does have a history of problems but the latest version 9.3.x has 4 Secunia advisories currently, one of which is un-patched and rated "Less critical". Personally I would not be worried with running it on my systems once properly configured. Kevin ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
