[34097] in North American Network Operators' Group
Re: sorry to ruin several of your evenings...
daemon@ATHENA.MIT.EDU (Paul Vixie)
Sun Jan 28 00:56:33 2001
To: nanog@merit.edu
From: Paul Vixie <vixie@mfnx.net>
In-Reply-To: asr@latency.net's message of "27 Jan 2001 16:49:25 -0800"
Date: 27 Jan 2001 21:54:31 -0800
Message-ID: <g3u26k5ii0.fsf@redpaul.mfnx.net>
Errors-To: owner-nanog-outgoing@merit.edu
asr@latency.net (Adam Rothschild) writes:
> Not to disrespect Mr. Vixie, or detract from the operational content
> of the original post, but I'd like to recommend another solution to
> these recently reported security holes in BIND: install djbdns
> <http://www.djbdns.org/>.
No disrespect taken. The README for 8.2.3 says:
Note that BIND 8 is in "end-of-life", having been replaced by BIND 9.
See http://www.isc.org/ for more details.
And indeed, BIND 9 has been in preparation for several years, has been in an
extended test release phase for the last 6 or 8 months, and with the release
of 9.1.0 a few weeks ago, is a far better choice than BIND 8.2.3 for most
systems. It's also compatible with BIND 8's configuration file syntax.
BIND 9's server shares not a single line of code with BIND 8's. So if genetic
diversity is what's worrying anybody, please check out BIND 9.1.0. But if you
just want the BIND 8 you already have (except, without certain security flaws)
then BIND 8.2.3 is just what you need.
