Re: [ga] Bindv9/DNS updated security Vulnerabilities - Sans/FBI's Top 20
Stephane and all former DNSO GA members or other stakeholders/users,
Stephane Bortzmeyer wrote:
> On Thu, Oct 09, 2003 at 11:24:10PM -0700,
> Jeff Williams <jwkckid1@xxxxxxxxxxxxx> wrote
> a message of 21 lines which said:
>
> > In light of the site finder mess, one also may want
> > to consider the below listed more serious problem...
> >
> > See: http://www.sans.org/top20/oct02.php#U9 - Read completely
>
> Excellent reading for every name server administrator. I would add
> something: do not put all your eggs in the same basket (before BIND,
> sendmail had a quasi-monopoly on one critical function and many
> problems came from that before Postfix took a part of the
> market). Excellent free software like nsd
> <URL:http://www.nlnetlabs.nl/nsd/index.html> or PowerDNS
pretty good stuff here, yes. Not as good as our BindPlus though! >;)
I also understand Verisign has it's own BindPlus as well. But ICANN
seems to be a bit nervous of them deploying it...
>
> <URL:http://www.powerdns.com/> can replace BIND for some of its
> functions.
Indeed it can. However again it's still a bit short of the mark,
so to speak...
Regards,
--
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
"Be precise in the use of words and expect precision from others" -
Pierre Abelard
===============================================================
CEO/DIR. Internet Network Eng. SR. Eng. Network data security
Information Network Eng. Group. INEG. INC.
E-Mail jwkckid1@xxxxxxxxxxxxx
Contact Number: 214-244-4827 or 214-244-3801