RE: [suse-security] Is bind 9.1.0 secure?
you forgot one reason to use bind, and this one is important and security relevant: The number of others using it and the resulting amount of documentation and help available! The same is true für MS products.
Customers use bind because if they have problems help is available. There are books they can buy. The DNS technicians of their ISP can help. This is an important reason to use bind.
This would be a valid point. But it is my experience that an extremely high percentage of the people using MS software doesn't know how to use it properly. And regarding the server components, even very many 'experts' are too ignorant to deserve the title at all. Same goes for most BIND installations out there. The people in charge of them know the basics of DNS, but that's about it, most of the time. I have yet to come to a customer site and find the current version of BIND, i.e. one without known security issues, aka root exploits, running. Many of the configurations I see are wrong or highly insecure, reverse zones are missing, etc... IMHO, this is very much similar to the high proportion of vulnerable IIS servers on the 'Net. Cheers Tobias
participants (1)
-
Reckhard, Tobias