to somthing called DNS poison [google.com]. Why? Because system administrators are anal and fail to realize that software like BIND is not written to be secure. Hell, DNS was not even designed for such a large internet. The original DNS implementors were bad programmers and designers.
BIND9... don't get your hopes up. The BIND company sells paches for their software. Meaning that if you don't pay them money then you're going to be running an errornouse DNS server.
Still most people use BIND for two reasons: no one wants
by Anonymous Coward writes:
on Sunday August 01, 2004 @08:54AM (#9857263)
No doubt you'll be on +5 informative soon for this 15 year old information.
BIND hasn't been vulnerable to DNS Poisoning since about version 4.8 unless you set it up allowing external updates from 0.0.0.0 (have to be specified as they're not allowed by default).
And djbdns is about as useful as a condom machine in the vatican for anyone needing more than a dns cache for a LAN.
90% of the internet is valnerable ... (Score:4, Interesting)
BIND9... don't get your hopes up. The BIND company sells paches for their software. Meaning that if you don't pay them money then you're going to be running an errornouse DNS server.
Still most people use BIND for two reasons: no one wants
Re:90% of the internet is valnerable ... (Score:3, Informative)
BIND hasn't been vulnerable to DNS Poisoning since about version 4.8 unless you set it up allowing external updates from 0.0.0.0 (have to be specified as they're not allowed by default).
And djbdns is about as useful as a condom machine in the vatican for anyone needing more than a dns cache for a LAN.
Re:90% of the internet is valnerable ... (Score:1)