Tip: Personal DNS server for Windows XP free !
Danny Mayer
mayer at gis.net
Wed Dec 25 19:08:51 UTC 2002
At 07:23 AM 12/25/02, Pete Ehlke wrote:
>On Sat, Dec 21, 2002 at 11:50:48PM +0100, Skybuck Flying wrote:
> >
> > Since bind 9.2.1 wasn't working on Windows XP and is difficult to setup for
> > newbs and pro's via textfiles and search for a special dns server
> > for windows xp :)
> >
> > I found and just installed this one and it works great :)
> >
> > ( I had to first deinstall bind though :) )
> >
> > Check it out:
> >
> > http://www.ntcanuck.com/
> >
> > It's free ! :)
> >
> > But is it secure ? :)
> >
>Don't use this thing. There was recently a long discussion here about
>the author's somewhat ill-considered decision to save the cache to disk
>between invocations. It came out during that discussion that the real
>purpose behind BIND-PE seems to be to subvert the root servers by
>seeding BIND-PE's hints file with every hare-braned "alternate root"
>server set that the author has ever heard of.
There's a second problem with the installation: it doesn't turn off the DNS
Cache Client Service. This means you have two levels of caching making
it much more difficult to recover from cache poisoning attacks, assuming
that individual users a) even know what that is and b) has sufficient
knowledge to figure out what's wrong.
Danny
>As Duncan Campbell recently said:
>
> a structured, heirarchical, distributed database.
> a beautiful thing. don't break it.
>
>BIND-PE breaks it. Don't use it.
More information about the bind-users
mailing list