On Fri, Feb 09, 2001 at 11:36:32AM -0500, Rick Murphy wrote:
> At 03:30 PM 2/9/2001 +0000, Herman Van Keer \(N\) \[M-PRO\] wrote:
> >I heard some very bad news about bind (in general for bugs [security]
> >and specifically now with their pay-policy ;-) )
> There is no "pay-policy". Bind remains open-source just like it always has
> been. Some organizations are being asked to pony up some of the cost of
> notifying vendors quickly about security holes, but that's it.
Yeah, the whole "secret pay to play cabal" has been blown out
of proportion.
> >An alternative to bind, could be djbdns... from Dan Bernstein (creator
> >of qmail).
> >Has anyone have experience with this DNS server?
> >Security?
> It's an alternative; I haven't used it, but it's an option for many sites.
> Bind 9.x (what I'm using) appears to be a real improvement from older
> versions of Bind.
Another alternative is dents. I have no experience with either
djbdns or dents (other than knowing one of the developers of dents) and
can't say yeah or neigh to either. I'm using Bind 9.1 for the 200+ domains
we are responsible for and its doing pretty good. And, before anyone
asks, yes I tested for the 9.1.0 problem that SEEMS to be revolving
around a FreeBSD kernel bug and the accept call and all Bind did was
report an error and keep on trucking.
> -Rick
Mike
--
Michael H. Warfield | (770) 985-6132 | [EMAIL PROTECTED]
(The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
