Sam Drinkard <sam at wa4phy.net> wrote: > I was more curious why it was considered lame server whereas > prior to CentOS, it worked well, and was not considered lame > under BSD. No difference. ISC BIND v8 (used by both Linux and BSD IIRC) had a lot of buffer overflows and other holes. I personally got hit by one in 8.2.1 -- although that was my fault. I stupidly hadn't updated for 4 months since the first BIND shell exploits became available, which was 5 months later than when the patches/upgrades appeared (meaning I was out-of-date by 9 months total). It took me a bit, but I discovered a rootkit was installed -- but only because the original compromiser left his original BIND shell running. Luckily the system was in its own DMZ, and I did not use the same passwords for anything else. Today I use both host and network IDSes, and catch these things when they happen -- even at home. -- Bryan J. Smith Professional, Technical Annoyance b.j.smith at ieee.org http://thebs413.blogspot.com ---------------------------------------------------- *** Speed doesn't kill, difference in speed does ***