Date: Tue, 18 Nov 2003 12:35:44 -0000 From: "Simon Gray" <simong@desktop-guardian.com> To: "Len Conrad" <LConrad@Go2France.com> Cc: freebsd-isp@freebsd.org Subject: Re: About DNS (BIND) with Database Message-ID: <010101c3add0$7c2bbd70$1100a8c0@dtg17> References: <029b01c3ad14$5e53b080$110d3ad4@VAHOXP> <0b3a01c3ad1e$2224d850$1100a8c0@dtg17> <6.0.1.1.2.20031117145927.0486af80@mail.go2france.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> >personally i wouldn't use bind, its had a bad security history. > > YEP, and it is VERY OLD HISTORY, but it goes back 3 years. > So what's your gripe about security vulnerabilities in BIND since early 2001? > If you don't have any concrete, recent examples, then stop the FUD. > There are reasons some people don't want to use BIND, but security isn't > one of them. My apologies if this thread has hit a nerve, I wasn't picking at anyone. I'm just giving my point of view. The history may be old in terms of computing, but I won't how many vulnerable systems are still out there? System admins that may not even know how to upgrade or even know that the vulns exist. bind advisories: http://www.cert.org/advisories/CA-2002-19.html http://www.cert.org/advisories/CA-2001-02.html http://www.cert.org/advisories/CA-1999-14.html Plus http://www.isc.org/products/BIND/bind-security.html isn't a very good track record is it? Track records are pretty much all you have to go on with software, unless you audit all the code yourself. If people want to use bind or any other package, they do so at their choice. I'm just saying in my opinion I think there are better alternative. If you're happy using bind, use bind. If you're happy with windows 95, use it. Simon
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?010101c3add0$7c2bbd70$1100a8c0>