[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: bind8 vs bind9



bob@proulx.com writes:
> Tim Dijkstra <newsuser@famdijkstra.org> [2002-11-18 17:14:38 +0100]:
> > 
> > Is there any reason to stick with bind8 other then convenience? I'm
> > asking this because bind9 seems pretty mature, but the default bind is
> > still bind8 I think...
> 
> What is "convenient" about bind8?  That is a serious question and not
> meant to be snide.  Please educate me.
> 
> With the many security advisories that have been posted against bind8
> recently I find bind9 much more convenient since I have not needed to
> update those servers as often.
> 
> Perhaps you did not know that bind9 uses the exact same configuration
> file as bind8 in almost all cases?  Unless you are doing something
> strange you don't need to change your configuration files at all.

Hmm. Searching CERT:

bind4: 10 results
bind8: 19 results
bind9: 21 results
tinydns+dnscache: 2 results

This was with only "Advisories" and "Vulnerability Notes" checked and,
admittedly, I didn't read the results in any detail. I personally use
tinydns+dnscache, but that's for a small home LAN and I didn't have
too much invested in BIND when I made the switch, but certainly these
results seem to indicate that if security is *the* major concern in a
DNS installation it's probably a good idea to stay away from BIND
altogether.

Gary



Reply to: