[NTLUG:Discuss] what else is there besides BIND and DJBDNS?

Chris Cox cjcox at acm.org
Mon Jun 16 21:46:13 CDT 2003


Richard Geoffrion wrote:
> Bind is so hackable...and DJBDNS is so...so....non standard.
> 
> Is there anything else out there that has bind compatibility and djbdns
> security?

I find that newer BIND is not too hackable.  All BIND's will have
DNS poisoning issues... there's more work to be done there.
djbdns is VERY inflexible.  Security at a HUGE cost IMHO.
BIND can use TSIG keys and even DNSSEC (maybe only in 9.x though).
BIND runs in a chroot env.... I think it's pretty secure (as
secure as DNS can be for now anyway).




More information about the Discuss mailing list