Srodne teme
24.10.2003. War skripta
02.06.2001. DNS ?
26.11.2001. Provera konfiguracije DNS-a
29.12.2001. War Games
10.12.2002. ms dns server
01.09.2002. LOKALNI DNS
29.07.2003. DNS server
12.12.2003. DNS i Internet connection sharing
Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.

DNS war ?!?

[es] :: Linux/UNIX serveri i servisi :: DNS war ?!?

[ Pregleda: 2364 | Odgovora: 0 ] > FB > Twit

Postavi temu Odgovori

Autor

Pretraga teme: Traži
Markiranje Štampanje RSS

B o j a n
eCTRL
EU

Član broj: 1178
Poruke: 2925
*.131.EUnet.yu

Jabber: bc@default.co.yu
Sajt: default.co.yu/~bc


+1 Profil

icon DNS war ?!?11.01.2002. u 11:24 - pre 233 meseci
Prvo citat:

-->--------------------------------------------------------------------------------------
From: "D. J. Bernstein" <[email protected]>
To: [email protected]
Subject: Re: Announcing a new DNS server implementation
References: <[email protected]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline


[email protected] writes:
> First of all, BIND 9 is a complete rewrite of BIND, which, so far, has
> not had one security problem reported with it.

I have two questions. First, why has ISC reported all the crash-BIND-8
bugs on its ``BIND security'' page and in CERT advisories, but none of
the crash-BIND-9 bugs?

(The primary ``security'' mechanism in BIND 9 is a fragility mechanism:
BIND 9 commits suicide if it gets confused, or if you poke it sharply,
or if you simply think bad thoughts in its general direction. The BIND 9
change log is full of reports of easily triggered crashes.)

Second, how much money do I get from ISC if I look at the BIND 9 code
and find, for example, a bug letting attackers take over the server?

> This release has gone under months of testing by a volunteer crew, and
> I belive that we have most of the bugs ironed out.

I have three questions. First, what exactly do you mean by ``found some
security problems'' in your change log for 0.8.99? Why doesn't the
change log explain exactly what the problem is and what its impact is?

Second, how much money do I get from you if I look at your code and
find, for example, a bug letting attackers take over the server?

Third, bottom line: How serious are you about security? I don't just
mean chroot and stralloc. I don't just mean ``strive to be secure.'' And
I certainly don't mean Microsoft's ``we'll try but we guarantee you that
we'll fail.'' _Will_ your software be secure?

---Dan

P.S. I also have a question for the bugtraq moderators. You regularly
accept BIND 9 advertisements from the BIND authors, and you've accepted
this MaraDNS advertisement from the MaraDNS author. Why did you reject
http://cr.yp.to/djbdns/[email protected],
specifically the final paragraph about djbdns, as ``marketing''?

------------------------------------------------------------------>>>-------------

Ovaj post je stvarno fenomenalan, inace za one koji nisu u toku na bugtraq, radi se o tome sto je neki baja postovao obavestenje o postojanju novog DNS nazvanog MaraDNS, sto je vrlo cudno za bugtraq da uopste takvi emailovi prolaze moderisanje.

Na ovoj adresi: :::http://cr.yp.to/djbdns/[email protected]
se nalazi post koji *nije* prosao moderaciju, sto je Dan-a koliko vidim vrlo, vrlo razbesnilo L;))))

Da li je na pomolu novi flejm ?? Jer izgleda da se sada svi primaju na neke munje, security, chroot() /etc ... Pa sad koji je bolji ?
Nije da sam za Dan-a, ali meni djbdns najvise pasuje za kucnu upotrebu, a za servere ? hmmm, ne vidim mu manu.

What about BIND ?
ISC se svojestrano hvali o "new security mesaures" koje ima BIND9
hm, ne bih rekao ...

Mozda je i ovaj moj post pristrasan, ali je definitvno vreme za UN-BINDing !!!!!!

"It's okay, I'm just admiring to the shape of your skull!" -- Dr. Gonzo
 
Odgovor na temu

[es] :: Linux/UNIX serveri i servisi :: DNS war ?!?

[ Pregleda: 2364 | Odgovora: 0 ] > FB > Twit

Postavi temu Odgovori

Srodne teme
24.10.2003. War skripta
02.06.2001. DNS ?
26.11.2001. Provera konfiguracije DNS-a
29.12.2001. War Games
10.12.2002. ms dns server
01.09.2002. LOKALNI DNS
29.07.2003. DNS server
12.12.2003. DNS i Internet connection sharing
Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.