Changes between Initial Version and Version 1 of Ticket #286, comment 1


Ignore:
Timestamp:
04/11/2014 09:30:53 AM (6 years ago)
Author:
trev
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #286, comment 1

    initial v1  
    11I checked out the information on Tinydns (part of [[http://tinydns.org/|djbdns]] tools) and so far it looks more promising than Bind. 
    22 
    3 * Last release was in 2001. However, Ubuntu package contains some patches, in particular to [[http://www.fefe.de/dns/|add IPv6 support]]. 
     3* Last release was in 2001. However, Ubuntu package (a fork named dbndns) contains some patches, in particular to [[http://www.fefe.de/dns/|add IPv6 support]]. 
    44* In total there were three vulnerabilities discovered in djbdns, one affecting Tinydns but only exploitable by specially crafted subdomain records (all have been patched in Ubuntu). That's a much better security track record than Bind. 
    55* The configuration files used by [[http://cr.yp.to/djbdns/tinydns-data.html|tinydns-data]] are unusual but still fairly straightforward. More importantly, generating this configuration file with Puppet should be trivial.