The BIND DNS Server is used on the vast majority of name serving machines on the Internet, providing a robust and stable architecture on top of which an organization's naming architecture can be built. The resolver library included in the BIND distribution provides the standard APIs for translation between domain names and Internet addresses and is intended to be linked with applications requiring name service.
|
Downloads
BIND is available at no charge under the BSD License.
Software packages are signed using ISC's PGP Key. Download Current Release Download Software under Development Download other versions
Mailing Lists
Suggestions for features, enhancements, etc. should be sent to <bind-suggest@isc.org>
The following mailing lists are available: <bind-announce@isc.org> & <bind-users@isc.org>, Click here to subscribe to these lists. Archives for the BIND mailing lists
Documentation / References
BIND 9.5 Administrator Reference Manual [ PDF single HTML ]
BIND 9.4 Administrator Reference Manual [ PDF single HTML ] BIND 9.3 Administrator Reference Manual [ PDF ] BIND 9.2 Administrator Reference Manual [ PDF ] BIND FAQ Additional Documentation / References The Software Guild aka BIND Forum BIND History Red Hat RPMs for ISC BIND Other BIND and DNS Resources Vendor products based on BIND ISC BIND delegation-only Feature Draft NIST Special Publication 800-81 Secure Domain Name System (DNS) Deployment Guide ISC now provides support contracts for BIND. |
ATTENTION
ISC Response to Recent DNS Transaction ID Issues
ISC and Infoblox Offer BIND 8 Transition Strategies webinar BIND 8.x EOL & Cert Advisory CVE-2007-2930 VU#927905 Security Advisory against ISC BIND 9.4.0 and later releases - Upgrade Now! Training and Support contracts for BIND are now available! BIND S/W Versions and Support BIND4/BIND8 Unsuitable for Forwarder Use If a nameserver -- any nameserver, whether BIND or otherwise -- is configured to use ``forwarders'', then none of the the target forwarders can be running BIND4 or BIND8. Upgrade all nameservers used as ``forwarders'' to BIND9 . There is a current, wide scale Kashpureff-style DNS cache corruption attack which depends on BIND4 and BIND8 as ``forwarders'' targets. Alpha version of 9.5 available for testing -- stats, GSS-TSIG, ... are new features See the BIND Security Matrix for security-related information. If you are running BIND 4.x.x, and cannot upgrade to BIND 9.2.x or BIND 8.x, we recommend you use BIND Version 4.9.11 rather than any lower 4.x releases. It is possible to obtain older versions of BIND via ftp ; however, they are provided for reference only and should not be used.
ALERTS
CERT Advisory VU#927905 on BIND 8.x
UPGRADE: A sequence of queries can cause a recursive nameserver to exit. UPGRADE: dereferencing freed fetch context can caused named to exit unintentionally. DNSSEC Validation vulnerability. Vulnerabilities around SIG Query processing and INSIST Failures (5 Sept 2006) NISCC 172003 (5 Sept 2006) CERT Vulnerability Notes VU#915404 and VU#697164 NISCC-UNIRAS 20050125-00059 CERT Vulnerability Note VU#327633 NISCC-UNIRAS 20050125-00060 CERT Vulnerability Note VU#938617 NISCC-UNIRAS 20041130-00862 BIND versions 4, 8 and 9 are not vulnerable to this attack CERT Advisory CA-2001-02 - 01/29/2001 CERT Advisory CA-2002-19 - 06/28/2002 CERT Advisory - CA-98.05 - 04/08/1998, revised 11/16/1998 CERT Advisory CA-99-14 - 11/10/1999 archive list
Bug Reports
Before submitting a bug report please ensure you are running a current version .
Bug reports for BIND should be sent to <bind9-bugs@isc.org> |