On Wed, 2002-07-24 at 20:40, David Wright wrote: > > Also, what do you dislike about BIND? If we know what you're trying to > > avoid, we can probably give you better answers. > > The constant reports of new BIND vulnerabilities, related to the fact that > BIND was not designed with security in mind. The complexity and that comes > from trying to be able to do lots more than I need. Others commented about bind9. Also: code that is widely used has its security flaws discovered, and thus will almost always have more vulnerability reports than code few people use. And: the DNS *protocol* was desind without security in mind. You won't get around this (until DNS-whatever (-sec? -ng?) is really used). cheers -- vbi -- secure email with gpg http://fortytwo.ch/gpg
Attachment:
signature.asc
Description: This is a digitally signed message part