From owner-freebsd-questions@FreeBSD.ORG  Mon Jul 13 23:01:44 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 357A41065673
	for <freebsd-questions@freebsd.org>;
	Mon, 13 Jul 2009 23:01:44 +0000 (UTC)
	(envelope-from vogelke@hcst.com)
Received: from beta.hcst.com (beta.hcst.com [192.52.183.241])
	by mx1.freebsd.org (Postfix) with ESMTP id D1AF88FC0A
	for <freebsd-questions@freebsd.org>;
	Mon, 13 Jul 2009 23:01:43 +0000 (UTC)
	(envelope-from vogelke@hcst.com)
Received: from beta.hcst.com (localhost [127.0.0.1])
	by beta.hcst.com (8.13.8/8.13.8/Debian-3) with ESMTP id n6DN1g4n026608
	for <freebsd-questions@freebsd.org>; Mon, 13 Jul 2009 19:01:42 -0400
Received: (from vogelke@localhost)
	by beta.hcst.com (8.13.8/8.13.8/Submit) id n6DN1gcI026607;
	Mon, 13 Jul 2009 19:01:42 -0400
Received: by kev.msw.wpafb.af.mil (Postfix, from userid 32768)
	id 5D519BF05; Mon, 13 Jul 2009 18:27:46 -0400 (EDT)
To: freebsd-questions@freebsd.org
In-reply-to: <4A5B68DC.2070505@radel.com> (message from Jon Radel on Mon, 13
	Jul 2009 13:03:24 -0400)
Organization: Oasis Systems Inc.
X-Disclaimer: I don't speak for the USAF or Oasis.
X-GPG-ID: 1024D/711752A0 2006-06-27 Karl Vogel <vogelke@pobox.com>
X-GPG-Fingerprint: 56EB 6DBF 4224 C953 F417  CC99 4C7C 7D46 7117 52A0
Message-Id: <20090713222746.5D519BF05@kev.msw.wpafb.af.mil>
Date: Mon, 13 Jul 2009 18:27:46 -0400 (EDT)
From: vogelke+unix@pobox.com (Karl Vogel)
Subject: Re: Should DNS be on same server as webserver?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: vogelke+unix@pobox.com
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Jul 2009 23:01:44 -0000

>> On Mon, 13 Jul 2009 13:03:24 -0400, 
>> Jon Radel <jon@radel.com> said:

J> Apache and Bind have both had their security issues over the years, and
J> there's something to be said for running them on different servers to
J> reduce both the "all eggs in one basket" factor and the ease of
J> spreading an attack.  (Yes, I'm assuming what you're actually
J> running....)

   You can fix the security problems by dumping Bind and using djbdns.
   It's very easy to set up a caching nameserver without using all the
   memory on your system.  See http://www.lifewithdjbdns.com/ for more.

-- 
Karl Vogel                      I don't speak for the USAF or my company
Smash forehead on keyboard to continue...       --Ken Applin