[ reformatted for readability, fullquotes snipped -- sigh! ] On Mon, Jan 29, 2001 at 10:17 -0800, Jeremiah Johnson wrote:
On Mon, Jan 29, 2001 at 06:55:29PM +0100, Jurjen Oskam wrote:
You might want to take a look at http://cr.yp.to/djbdns.html
And run a dns server incapable of doing any real features most people use in bind? I will admit, that dan bernstein does write really nice code. But the one reason its 'secure' is its complete lack of features.
Not to spread FUD but to add facts to these "accusation": What exactly is it that you need from bind that's worth constantly opening up holes? I have yet to encounter a situation with DNS administration that makes me wish I had bind running. Serving zones, doing transfers, caching -- all's fine, fast and runs on low resources. What do I miss? Is it compression? I have it in scp if I like -- builtin. Is it IPv6? I don't need it here in mid Europe (yet). Is it DNSsec? I wouldn't know whom to talk to with this method. And I'm not sure whom to believe anything when looking around ... BTW is not believing in non authoritative servers one of the reasons why I use djbdns. "poisoning" my cache is a little harder. Maybe it's complicated syntax or resource hogs? I can live very well without them. :) So what's exactly "any real feature most people use in bind" that lacks in djbdns? virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you.