[svlug] Bind Vulnerabilities

John Conover conover at rahul.net
Sun Mar 25 09:21:01 PST 2001


BTW, I've had good luck using djbdns, (dnscache,) on Linux as an
alternative to bind:

    http://cr.yp.to/djbdns.html

FWIW ...

	John

BTW, I know folks have issues with Bernstein's software copying
policies. Its just a suggestion ...

Rick Moen writes:
> begin  Drew Bertola quotation:
> 
> [BIND v. 9's "views" feature:]
> 
> > Seems like this is just the thing for my firewall/router/dns/webserver
> > box.  I only have one static IP, so my internal network is all
> > 192.168.x.y and I don't want my DNS server broadcasting what my
> > internal stuff.  I guess from the outside, I'll offer a view of all
> > public domain info, while from the inside, there'll be a view of both
> > public and my private domains.  Cool.  All from one DNS box.
> 
> Oh, yes.  The work-around required with BIND 8 to accomplish the same 
> thing is quite hideous, and this has been an eagerly anticpated feature,
> for that reason.  There's even been a section in Craig Hunt's _DNS and
> BIND_ book for years, talking about how it works and how handy it is,
> but for the fact that it hasn't been actually implemented.
> 
> -- 
> Cheers,                                      Right to keep and bear
> Rick Moen                                  Haiku shall not be abridged
> rick at linuxmafia.com                           Or denied.  So there.
> 
> _______________________________________________
> svlug mailing list
> svlug at lists.svlug.org
> http://lists.svlug.org/mailman/listinfo/svlug
-- 

John Conover        Tel. 408.370.2688  conover at rahul.net
631 Lamont Ct.      Cel. 408.772.7733  http://www.johncon.com/
Campbell, CA 95008  Fax. 408.379.9602  





More information about the svlug mailing list