Should DNS be on same server as webserver?
John Almberg
jalmberg at identry.com
Tue Jul 14 04:06:28 UTC 2009
On Jul 13, 2009, at 6:27 PM, Karl Vogel wrote:
>>> On Mon, 13 Jul 2009 13:03:24 -0400,
>>> Jon Radel <jon at radel.com> said:
>
> J> Apache and Bind have both had their security issues over the
> years, and
> J> there's something to be said for running them on different
> servers to
> J> reduce both the "all eggs in one basket" factor and the ease of
> J> spreading an attack. (Yes, I'm assuming what you're actually
> J> running....)
>
> You can fix the security problems by dumping Bind and using djbdns.
> It's very easy to set up a caching nameserver without using all the
> memory on your system. See http://www.lifewithdjbdns.com/ for
> more.
I actually do use djbdns. Super easy to use, once you figure it out.
-- John
More information about the freebsd-questions
mailing list