On Mon, 25 Aug 2003, Milan P. Stanic wrote: > There are some of them: vsftpd, pure-ftpd, udhcp, uschedule ... to > note just some. They are not 100% secure, but they are more secure > than software written by ISC. I'm personally only really familiar with ISC's dhcpd3-server, but have you even read the code written by Ted Lemon? Just randomly slandering programmers when you are not intimately familiar with their code isn't something that should be done lightly. As far as I can remember, the last exploit in dhcpd3-server happened well over 2 years ago. While I've never heard of an exploit in udhcp, I'm relatively sure it's not as widely scrutinized as dhcpd3-server. > [ I don't like to offend Paul Vixie or ISC programmers. They do good > job in the beginnings of the Internet and probably in these days they > didn't anticipate how hostile will become network for collaboration, > sharing ideas and knowledge, extending freedom ... ] Many of ISC's programs (bind, dhcp) current versions have been completely rewritten from scratch, or nearly from scratch. The people who wrote them are quite well aware of the current state of hostile networks. > [ BTW, a good measure for security is: don't use ISC software! :-) ] In many cases, there isn't an alternative for ISC's software. I have yet to find a dhcp server that is as featureful and robust as ISC's dhcp server. If you're serving a network of 5 computers, udhcpd might work for you, but some people use debian to run dhcpd for networks of thousands of nodes with hundreds of subnets. Don Armstrong -- When I was a kid I used to pray every night for a new bicycle. Then I realised that the Lord doesn't work that way so I stole one and asked Him to forgive me. -- Emo Philips. http://www.donarmstrong.com http://www.anylevel.com http://rzlab.ucr.edu
Attachment:
pgplGamgZY_7f.pgp
Description: PGP signature