sorry to ruin several of your evenings...
Paul Vixie
vixie at mfnx.net
Sun Jan 28 05:54:31 UTC 2001
asr at latency.net (Adam Rothschild) writes:
> Not to disrespect Mr. Vixie, or detract from the operational content
> of the original post, but I'd like to recommend another solution to
> these recently reported security holes in BIND: install djbdns
> <http://www.djbdns.org/>.
No disrespect taken. The README for 8.2.3 says:
Note that BIND 8 is in "end-of-life", having been replaced by BIND 9.
See http://www.isc.org/ for more details.
And indeed, BIND 9 has been in preparation for several years, has been in an
extended test release phase for the last 6 or 8 months, and with the release
of 9.1.0 a few weeks ago, is a far better choice than BIND 8.2.3 for most
systems. It's also compatible with BIND 8's configuration file syntax.
BIND 9's server shares not a single line of code with BIND 8's. So if genetic
diversity is what's worrying anybody, please check out BIND 9.1.0. But if you
just want the BIND 8 you already have (except, without certain security flaws)
then BIND 8.2.3 is just what you need.
More information about the NANOG
mailing list