RE: [cobalt-users] Is BIND Secure?

["aljuhani" <aljuhani@xxxxxxxxx>]

Thanks for the input.  Well sure i'm not going to switch over to this software
on My Cobalt or non-Cobalt servers.  It has just caught my attention.

Have you noticed somewhere in that article, where it says
 "In fact, the developer of djbdns, Dan Bernstein, offers a $500 reward 
for the first person who can legitimately compromise the product. 
Because djbdns was written with security in mind, he feels that his money is safe."

I think these guys are looking for troubles.  

I have just searched google and found this page:
http://cr.yp.to/djbdns/guarantee.html

Regards,

aljuhani@xxxxxxxxx

======= Original Message =======

  From: Goetz Lohmann cobalt-users@xxxxxxxxxxxxxxx 
  To: cobalt-users@xxxxxxxxxxxxxxx 
  Sent: Thu Feb 20 03:47:00 2003 
  Subject: RE: [cobalt-users] Is BIND Secure?

aljuhani schrieb:

>Hello List.
>
>Just need some input from experienced administrators on this list regarding the article below.
>Is it true that BIND is no longer safe or just another way to make money.
>
>http://techupdate.zdnet.co.uk/story/0,,t507-s2129897,00.html
>
>Kind Regards,
>aljuhani@xxxxxxxxx
>
EVERY little software has its bug !!! So that it's true that bind is one
of the popular DNS Server and this way been always a target of attack. 
But ... also it is true that a wide range of people use it and may discover
security wholes faster then a little small crew of man who
created an replacement. If you stay always on top of the security
Patches it is as safe as a software could be. You should also be concerned
about using FTP and Telnet cause Bind is not the only thingof target
for an Cracker. It wouldn't help you much if you replace Bind and
have other doors wide open.
You may or may not replace your Bind ... but beware ...when the next
security patch came along from SUN you might stumble cause your
new software might incompatible with the package ...

regards