Firewall Wizards mailing list archives
RE: Does blocking TCP DNS packets keep your Bind safe?
From: "Philip J. Koenig" <pjklist () ekahuna com>
Date: Mon, 19 Mar 2001 11:08:18 -0800
From: "Loomis, Rip" <GILBERT.R.LOOMIS () saic com> Subject: RE: [fw-wiz] Does blocking TCP DNS packets keep your Bind safe? Date: Fri, 16 Mar 2001 23:20:55 -0500
[snippage]
BTW, many of djb's other writings about BIND (specifically including your third URL) also contain factual errors which would appear to indicate that he is letting antagonism get in the way of his considerable intellect.[1] I can go into them in detail if anyone cares, but please contact me off list so I don't waste everyone's bandwidth. The biggest one is that the TSIG/NXT BIND 8 bugs are due to the programming methods used in BIND 9...when they're actually symptoms of the reason why BIND 9 was a total re-write.
I have to say that it was also my impression when I first visited Dan's website that he has this "my way is the only way" kind of mentality which impacts his product's credibility in my eyes. Also re: BIND vulnerabilities, let's not forget that they are also going to be afflicted with the "popularity handicap" which is to say, since there are probably 100x more servers out there in the world running BIND, the likelihood of seeing or finding bugs on the platform, and the level of interest for people to design exploits are both going to be way higher than for a relatively scarce product like djbdns. None of that is to say that BIND hasn't had more than its share of exploitable bits, but just to put things into perspective a little. Phil -- Philip J. Koenig pjklist () ekahuna com Electric Kahuna Systems -- Computers & Communications for the New Millenium _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Does blocking TCP DNS packets keep your Bind safe?, (continued)
- Re: Does blocking TCP DNS packets keep your Bind safe? Darren Reed (Mar 14)
- Re: Does blocking TCP DNS packets keep your Bind safe? Todd (Mar 14)
- Re: Does blocking TCP DNS packets keep your Bind safe? Darren Reed (Mar 14)
- RE: Does blocking TCP DNS packets keep your Bind safe? Todd (Mar 16)