BIND 9 windows XP builds
Paul Kosinski
bind at iment.com
Tue Apr 18 21:08:54 UTC 2017
Yes, I suppose not every machine running BIND is connected to the
Internet. But how many are network inaccessible to every machine that
*is* connected to the Internet and might be compromised?
We run a local BIND for our LAN to avoid HOSTS files, but that same
machine is connected to the Internet -- and runs a different instance of
BIND to be authoritative for our domain. (No, not a separate machine,
it's a very small installation.)
So, how many BINDs are completely isolated from the Internet, even
under transitive closure of the internal network? It's surely a proper
subset of all instances of BIND, but I doubt if it's other than a quite
small subset.
On Tue, 18 Apr 2017 17:22:24 +0000
"Darcy Kevin (FCA)" <kevin.darcy at fcagroup.com> wrote:
> Unspoken and false assumption: that every machine running BIND is
> connected to the Internet.
>
> I'm no fan of old, broken Microsoft OSes (or even the newer ones, for
> that matter), but let's be clear here: BIND is for anyone who doesn't
> want to maintain a "hosts" file. "Connected to the Internet" is a
> much smaller subset of *that* set.
>
> - Kevin
>
> -----Original Message-----
> From: bind-users [mailto:bind-users-bounces at lists.isc.org] On Behalf
> Of Paul Kosinski Sent: Monday, April 17, 2017 9:08 PM
> To: bind-users at lists.isc.org
> Subject: Re: BIND 9 windows XP builds
>
> I can see somebody running XP for some "legacy" software that doesn't
> run nicely on newer versions of Windows, but I would think it
> extremely risky to have such a machine connected to the Internet.
>
> Maybe whoever runs BIND on XP should consider converting that machine
> to Linux, and running BIND on Linux?
>
>
> On Mon, 17 Apr 2017 20:30:43 +0000
> Evan Hunt <each at isc.org> wrote:
>
> > Greetings,
> >
> > For some time ISC has been providing three Windows builds for each
> > release of BIND 9: x64, win32, and windows XP.
> >
> > Windows XP is well past its end of life and is no longer receiving
> > security updates. I'd like to stop supporting it after the
> > upcoming maintenance release, but it's been pointed out to me that
> > a significant number of people -- many thousands -- are downloading
> > the XP version every time we put out a new release.
> >
> > This information surprised me. If you're one of those people, would
> > you mind responding, either on or off the list, to discuss it? Why
> > are you using XP to run a name server? Is it possible you're still
> > using the XP build out of inertia, but your OS would work equally
> > well with the win32 build? If you're really still running XP, do
> > you have a plan for transitioning to something newer?
> >
> > We want to support the needs of our users, but to do that we have
> > to understand those needs, so please let us know what yours are.
> > Thanks,
> >
> > --
> > Evan Hunt -- each at isc.org
> > Internet Systems Consortium, Inc.
More information about the bind-users
mailing list