About DNS (BIND) with Database

Simon Gray simong at desktop-guardian.com
Tue Nov 18 04:36:55 PST 2003


> >personally i wouldn't use bind, it's had a bad security history.
>
> YEP, and it is VERY OLD HISTORY, but it goes back 3 years.
> So what's your gripe about security vulnerabilities in BIND since early
> 2001?
> If you don't have any concrete, recent examples, then stop the FUD.
> There are reasons some people don't want to use BIND, but security isn't
> one of them.

My apologies if this thread has hit a nerve, I wasn't picking at anyone. I'm
just giving my point of view.

The history may be old in terms of computing, but I wonder how many
vulnerable systems are still out there? System admins that may not even know
how to upgrade or even know that the vulns exist.

bind advisories:
http://www.cert.org/advisories/CA-2002-19.html
http://www.cert.org/advisories/CA-2001-02.html
http://www.cert.org/advisories/CA-1999-14.html

Plus http://www.isc.org/products/BIND/bind-security.html isn't a very good
track record is it? Track records are pretty much all you have to go on with
software, unless you audit all the code yourself.

If people want to use bind or any other package, they do so at their choice.
I'm just saying in my opinion I think there are better alternatives.

If you're happy using bind, use bind. If you're happy with windows 95, use
it.

Simon


