Free, secure alternative to bind?
Jim Reid
jim at rfc1035.com
Wed Mar 20 10:42:46 UTC 2002
>>>>> "Thomas" == Thomas Seyrat <thomas at glou.net> writes:
Thomas> Are you serious when you write that Nominum does _not_
Thomas> use BIND for GNS ?
He is.
Thomas> By the way, is the GNS infrastructure using BIND 8 or 9 ?
GNS doesn't use BIND.
Thomas> I could not find that information on Nominum's web site.
Read the GNS White Paper at:
http://www.nominum.com/resources/whitepapers/gns-whitepaper-v2.html
This states fairly clearly what software GNS uses, as well as
explaining the architecture. I quote from it:
The GNS name servers run proprietary DNS server software
written by the experts at Nominum. These servers have been
optimized for specific functions within the GNS system, and
have significantly better performance traits than general
purpose DNS software.
And here's an extract from the GNS FAQ which is at
https://gns.nominum.com/doc/english/faq.html
4. I'm concerned about security. I heard something about BIND being
vulnerable. What kind of security do you offer?
Our service is based on proprietary DNS server software
written by Nominum and not susceptible to vulnerabilities
known to exist in BIND. Nominum's name servers are in full
conformance with RFCs 1035 and 2181, and are fully capable of
supporting dynamic updates to primaries as defined in RFC
2136 and Transaction Signatures as defined in RFC 2845.
Both those documents are readily accessible from the GNS home page
(select "Products & Services", then "GNS") so you shouldn't have had
any difficulty finding them.
More information about the bind-users
mailing list