Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 9 Jul 2008 11:29:25 -0700 (PDT)
From:      Jason Stone <jason@shalott.net>
To:        Peter Thoenen <peter.thoenen@yahoo.com>
Cc:        freebsd-security@freebsd.org, remko@elvandar.org
Subject:   Re: BIND update?
Message-ID:  <alpine.BSF.1.00.0807091039120.34772@treehorn.dfmm.org>
In-Reply-To: <4874DD4B.5020608@yahoo.com>
References:  <17cd1fbe0807090819o2aa28250h13c58dbe262abb7c@mail.gmail.com> <3a558cb8f79e923db0c6945830834ba2.squirrel@galain.elvandar.org> <4874DD4B.5020608@yahoo.com>

next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


I don't agree with the criticism of the security team; it takes a lot of 
time to test things and make sure that changes and patches work within the 
larger context of a complete system.  And what I like about FreeBSD is 
that it's a complete system, not just a collection of disjoint parts like 
some other popular unix-like systems out there....

However, I also don't agree with this:

> its really not a CRITICAL patch .. its more of a when you get around to 
> it seriously.

CERT and others have been saying for years that protecting DNS 
infrastructure is a critical component in protecting the security of the 
entire internet, and I strongly agree.  DNS spoofing and cache poisoning 
are an big part of how Windows boxes get rooted, and a more robust DNS 
infrastructure might go a long way in slowing the spread of the zombie 
armies.  Many folks in the hosting world use BIND on FreeBSD to provide 
DNS resolvers for their clients, and this is _not_ a trivial issue for 
them.


  -Jason

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (FreeBSD)
Comment: See https://private.idealab.com/public/jason/jason.gpg

iD8DBQFIdQOFswXMWWtptckRAlgBAJ9fyqJomRiszRJuub6blvV+uXv4RgCg8Q3E
wVqCrYVcKV7PjTHSyGuCyGY=
=ZU6f
-----END PGP SIGNATURE-----



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.1.00.0807091039120.34772>