Re: Newb questions

From: Bill Vermillion (bv_at_wjv.com)
Date: 09/14/04

• Next message: Bill Vermillion: "Re: RELEASE or STABLE for production server/remote update over ssh"
• Previous message: Michael Ross: "Re: IPFW & NAT problem with connection speed"
• In reply to: John Bleichert: "Re: Newb questions"
• Next in thread: Rainer Duffner: "Re: Newb questions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Tue, 14 Sep 2004 15:55:00 GMT

In article <iHG%c.11673$Wv5.8186@newsread3.news.atl.earthlink.net>,
John Bleichert <syborg@earthlink.net> wrote:
>+Alan Hicks+ <alan@lizella.network> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> In comp.unix.bsd.freebsd.misc, Sky-Knight dared to utter,
>>> I'm looking for suggestions on DNS and mail servers. I know BIND
>>> and sendmail are there but I keep hearing about potential security problems.
>>
>> BIND and sendmail both have a history of security vulnerabilities, but
>> you must also realize that BIND and sendmail are very old. In computer
>> years, they're from the paleolithic era. :^) Both daemons suffer from a
>> bad rap thanks to security problems that are in many cases decades old.
>> Recent versions are stable and have no known bugs to my knowledge.
>> Performance with both services is high, and support for them is
>> outstanding.
>>
>>> It was suggested to me that I use djbdns and qmail.
>>
><snip>

>I've had no problems with bind and it's fairly easy to setup. I used
>qmail in linux for a while until I discovered Postfix. qmail is a
>beotch to setup, I didn't care for it at all - Postfix is very easy to
>work with. Highly recommended, and it exists in the ports tree.

As I recall the last severe problem in BIND was the Lion bug
that gave root access in Linux systems. On a FreeBSD system
all that did was stop named. And that was 4 to 5 years ago.

Bill

-- 
Bill Vermillion - bv @ wjv . com

• Next message: Bill Vermillion: "Re: RELEASE or STABLE for production server/remote update over ssh"
• Previous message: Michael Ross: "Re: IPFW & NAT problem with connection speed"
• In reply to: John Bleichert: "Re: Newb questions"
• Next in thread: Rainer Duffner: "Re: Newb questions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages [Full-Disclosure] Sidewinder G2 Thanks and a question or two ... This was VERY disturbing. ... >other service protection is not vulnerable to the exploits against BIND ... >versions of BIND and Sendmail. ... (Full-Disclosure) Re: Newb questions ... I know BIND ... >> and sendmail are there but I keep hearing about potential security problems. ... to avoid qmail in favour of a postfix-based solution. ... It's also mostly unusable without different patches, ... (comp.unix.bsd.freebsd.misc) How do I get sendmail working again ... Well, after following the instructions at the former link, sendmail will no ... daemon MTA: cannot bind: Address already in use ... whitbap# /etc/rc.d/sendmail start ... (freebsd-questions) Re: replacing sendmail with qmail ... that Sendmail and bind and so on have their exploits.. ... Freedom of religion. ... To not have or change the different MTA by default in FreeBSD ... (freebsd-hackers) Re: Newb questions ... I know BIND ... > and sendmail are there but I keep hearing about potential security problems. ... If you look at qmail you'll see that the ... Patches are required to compile it on just about any modern ... (comp.unix.bsd.freebsd.misc)

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint