Re: Need named?

Subject: Re: Need named?
From: Paul J. Schinder (
Date: Tue Feb 27 2001 - 06:17:02 MST

>On Mon, 26 Feb 2001, Neil Jolly wrote:
>> On February 26, 2001 01:30 pm, you wrote:
>> > "Paul J. Lucas" wrote:
>> > > If I just have my li'l ol' Linux box that does not serve DNS to
>> > > any other machine, do I need named/bind running or installed?
>> >
>> > Simple answer - no 8^)
>> Try djbdns from the author of qmail. It's easy to setup, and very
>>secure. Get
>> it at:
> The issue isn't looking for something simpler. I already have
> it installed and working. The question was: do I need it at
> all?

Strictly speaking, no. If you put one or two of nameservers in
/etc/resolv.conf, that's all you need.

However, I run djbdns' dnscache on all of my machines. The reason is
that the nameservers in /etc/resolv.conf are unreliable (significant
down time), so I'd rather use my own cache.

As recent events have proved, BIND is a significant security hazard
(a large program with a poor security model that runs as root and
listens to the Internet). BIND, like sendmail, should be stripped
from any machine.

> - Paul

Paul J. Schinder
NASA Goddard Space Flight Center
Code 693

This archive was generated by hypermail 2a24 : Tue Feb 27 2001 - 06:17:12 MST