Re: bind8 vs bind9
bob@proulx.com writes:
> Tim Dijkstra <newsuser@famdijkstra.org> [2002-11-18 17:14:38 +0100]:
> >
> > Is there any reason to stick with bind8 other then convenience? I'm
> > asking this because bind9 seems pretty mature, but the default bind is
> > still bind8 I think...
>
> What is "convenient" about bind8? That is a serious question and not
> meant to be snide. Please educate me.
>
> With the many security advisories that have been posted against bind8
> recently I find bind9 much more convenient since I have not needed to
> update those servers as often.
>
> Perhaps you did not know that bind9 uses the exact same configuration
> file as bind8 in almost all cases? Unless you are doing something
> strange you don't need to change your configuration files at all.
Hmm. Searching CERT:
bind4: 10 results
bind8: 19 results
bind9: 21 results
tinydns+dnscache: 2 results
This was with only "Advisories" and "Vulnerability Notes" checked and,
admittedly, I didn't read the results in any detail. I personally use
tinydns+dnscache, but that's for a small home LAN and I didn't have
too much invested in BIND when I made the switch, but certainly these
results seem to indicate that if security is *the* major concern in a
DNS installation it's probably a good idea to stay away from BIND
altogether.
Gary
Reply to: