<<< Date Index >>>     <<< Thread Index >>>

Re: [ga] Bindv9/DNS updated security Vulnerabilities - Sans/FBI's Top 20



Stephane and all former DNSO GA members or other stakeholders/users,

Stephane Bortzmeyer wrote:

> On Thu, Oct 09, 2003 at 11:24:10PM -0700,
>  Jeff Williams <jwkckid1@xxxxxxxxxxxxx> wrote
>  a message of 21 lines which said:
>
> >   In light of the site finder mess, one also may want
> > to consider the below listed more serious problem...
> >
> > See: http://www.sans.org/top20/oct02.php#U9  - Read completely
>
> Excellent reading for every name server administrator. I would add
> something: do not put all your eggs in the same basket (before BIND,
> sendmail had a quasi-monopoly on one critical function and many
> problems came from that before Postfix took a part of the
> market). Excellent free software like nsd
> <URL:http://www.nlnetlabs.nl/nsd/index.html> or PowerDNS

  pretty good stuff here, yes.  Not as good as our BindPlus though!  >;)

I also understand Verisign has it's own BindPlus as well.  But ICANN
seems to be a bit nervous of them deploying it...

>
> <URL:http://www.powerdns.com/> can replace BIND for some of its
> functions.

 Indeed it can.  However again it's still a bit short of the mark,
so to speak...

Regards,

--
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
"Be precise in the use of words and expect precision from others" -
    Pierre Abelard
===============================================================
CEO/DIR. Internet Network Eng. SR. Eng. Network data security
Information Network Eng. Group. INEG. INC.
E-Mail jwkckid1@xxxxxxxxxxxxx
Contact Number: 214-244-4827 or 214-244-3801