[TriLUG] hosting your own DNS
Aaron S. Joyner
aaron at joyner.ws
Fri Mar 9 11:21:30 EST 2007
Yes, BIND is a lot more secure these days. One could argue that its
survived the trial by fire, over the years. At first it got burned very
often, but now in quite think asbestos, it's doing okay. The last
remote exploit for bind that I recall has been years ago. There are
still occasionally DoS issues with the brand-spanking new features, ala
DNSSEC stuff, but unless you're living on the bleeding edge of that,
they very likely don't affect you. As with any service you run
connected to the Internet, please stay abreast of the security
literature regarding it, but generally BIND isn't likely to cause you
any headaches in that department.
Aaron S. Joyner
Reginald Reed wrote:
> I don't know how things are these days, but I got sick and tired of
> updating BIND to address the numerous security issues. I went out of
> my way to find other *non-BIND* DNS systems so I didn't have to deal
> with all the common rootkits. Has BIND gotten a lot more secure?
>
> --Reggie
>
> On 3/7/07, Michael Rothwell <michael at rothwell.us> wrote:
>>
>> On Mar 7, 2007, at 1:02 PM, Aaron Joyner wrote:
>>
>> > setup a local BIND server on a static IP on a link you control.
>> > Then pay someone to do secondary DNS service for you.
>>
>> This is the way to go, IMHO. If you want to stick with DynDNS as your
>> vendor, one of their offered services is secondary DNS:
>>
>> http://www.dyndns.com/services/dns/secdns/
>>
>> They charge $15 a year, which seems affordable.
>>
>> -M
>> --
>> TriLUG mailing list :
>> http://www.trilug.org/mailman/listinfo/trilug
>> TriLUG Organizational FAQ : http://trilug.org/faq/
>> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>>
More information about the TriLUG
mailing list