Bill Campbell wrote: > On Wed, Jul 23, 2008, Lanny Marcus wrote: > >> On Sat, Jul 19, 2008 at 2:27 PM, John Hinton <webmaster at ew3d.com> wrote: >> >>> OK, so does anybody have a good firewall rule solution for what we're >>> supposed to be doing with bind these days? Obviously port 53 is no longer >>> enough. >>> >> Consider using djbdns instead of BIND. It sounds like an excellent alternative >> to BIND. >> > > We have been using djbdns for years on a variety of Linux platforms and > FreeBSD, largely because (a) security, (b) performance, and (c) ease of > use. Not everybody likes Dan Bernstein, but I figure he's somewhat of a > curmudgeon who designs good software. > I know Dan personally, and think I was there during some of the big blowups (well the ones I was there for were big...). He definitely had/has a problem with 'the in crowd', and decided to put his money where his mouth was. I think most have benefited from this. Including the 'in crowd'. But I also know Vixie etal quite well and I stay with BIND. Each to their own machinzations, IMNSHO. > As for not having it supported on CentOS, I really don't care about that as > the majority of the server software we use is built under the OpenPKG.org > portable packaging system, independent of the underlying OS vendor's > packaging system. > > Bill >