On Sat, 2004-10-09 at 13:15, doc wrote:
The new 20 Most Critical Internet Security Vulnerabilities updated list just came out: http://www.sans.org/top20/
I was shocked to read the following on another list: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Big suprise that BIND is at the top of the UNIX list :P They even mentioned it by name unlike the horrible sendmail which they just lumped in with the other buggy mail programs. This proves once again that absolutely ANY DNS server is better than BIND. Even Microsoft's." ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Are Sendmail and BIND as bad as he implies or do I take this as the grumblings of an uninformed person?
Yes they are.
Or is it just a matter of vulnerability only if one does not take proper care in the configuration phase?
In some cases, yes.
I find it hard to believe that anything MS produces may be secured to a superior level of a UNix/Linux app.
I agree. We run djbdns, rbldns, qmail & VisualOfiice. Very sweet. /Dee
-- Thanks! & 73, doc kd4e West Central Florida 100% Linux. Suse 9.1 Drake, Hallicrafters, Heathkit, TenTec, Yaesu Radio Life: http://www.gospelcom.net/twr/ Linux-Incompatible hardware is defective! USA Pres. Election 2004: http://www.rnc.org/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~