NT vs. Unix DNS

Kevin Darcy kcd at daimlerchrysler.com
Wed Apr 19 23:38:51 UTC 2000 

Daniel Baird wrote:

> What are you on about? The ISC released a new version that had the problems
> fixed, and before most people even knew the problem existed. There was no
> need for any work around.

Has Microsoft even released the "service pack" which they recommend as the way
to fix their memory-leak bug?

> The only problem with open source is that you need to be a bit cluey to use
> it. That, and the fact that most big companies want a support contract to go
> along with everything, and a company to sue if it all goes horribly wrong.

Big companies are slowly learning their lesson on this, I think. When the stuff
just *works*, the "who can we sue?" question becomes rather academic. A few
years back, we took out a support contract on BIND, and it ended up being a
total waste of money. We haven't repeated that mistake.


- Kevin

> You say that "hackers" (i assume you mean crackers, vandals, criminals etc)
> have access to the source. Yes, most certainly. But if the program is secure
> and you make sure you get a clean version from the authors, what does it
> matter? You cant break in through a back door if there is no back door.
>
> Daniel
>
> -----Original Message-----
> From: Art [mailto:art.mishurov at submitorder.com]
> Sent: Thursday, 20 April 2000 8:14 AM
> To: comp-protocols-dns-bind at rodan.uu.net
> Subject: Re: NT vs. Unix DNS
>
> Well, at least it is better than the following "workaround" (copied from
> http://www.isc.org/products/BIND/bind-security-19991108.html):
>
> [snip]
>
> The bottom line is that every product has its own drawbacks. The thing with
> the open-source software is that you have the source code, but so do the
> hackers. Of course, one can always argue that Microsoft creates bloated and
> inefficient software.
>
> - Art
>
> Stephens, Bill <Bill.Stephens at fritolay.com> wrote in message
> news:200004172224.SAA00270 at briar.org...
> > Sure, the difference is simple.  With BIND DNS, you have the source
> > code, you can keep your DNS up to date, it is "the standard".  Or, you can
> > accept stuff like this as normal business (pay close attention to their
> > standard "workaround"):
> >
> > WORKAROUND
> > To avoid this problem, restart the server on a regular basis.
> >
> >

More information about the bind-users mailing list