Re: which dns server to use ?
Splash Tekalal wrote:
Apache is more elegant. The only thing that can equal BIND in terms of
bloat, root exploits and general ugliness is perhaps sendmail.
Now, maybe I'm just ignorant, but are there any root exploits on Bind9?
(specifically 9.x, not anything older.. we know 8.x was unstable =P)
8.x was/is a stable branch, but there were security issues. These are
fixed, and reason to install BIND 8.x with care (like chrooting, see the
Securing Debian Manual). There is quite a difference between unstable
(is usually referred to as development status) and insecure.
Bind 9.x had some security issues though. See
But for Bind counts the same for all software: you've got to keep up to
date with issues and fix/upgrade them when found. That software has
never had any issues doesn't mean there won't be any in the future.
Arend van Waart