Slashdot Mirror

← Back to Stories (view on slashdot.org)

Securing DNS From The Roots Up

Posted by ryuzaki0 on Tuesday November 13, 2001 @05:33PM from the if-it'll-stop-reports-of-hacked-dns-records dept.

jeffy124 writes: "This article at ComputerWorld tells the story of how ICANN would like to replace the root DNS systems with secured servers. Lars-Johan Liman, one of the root operators, spoke about the concept at ICANN's annual meeting today. He discussed how the world's current redundant DNS system is vulnerable to DDOS attacks and yet-to-be-discovered root holes in bind that can ultimately undermine the entire Internet by taking away the name-IP mappings that are relied upon by just about everyone."

1 of 354 comments (clear)

Min score:

Reason:

Sort:

DJBDNS by davidu · 2001-11-13 18:13 · Score: 0, Redundant

For people looking for an easier and as of now more secure implementation for DNS you might want to check out tinydns, part of djbdns by the famous (or infamous) professor and programmer Dan Berstein.

DJBDNS has never had a security hole discovered and plenty of people frequently evaluate his sourcecode.

The one gripe people have with his code is that he hasn't GPL'd it or even opensourced it. What he has done which is slightly more interesting is just released it with NO license and instead just asserts ownership over his codebase. If it doesn't bother you that it isn't GPL or BSD, etc -- check it out and help make the net's DNS servers safer and more secure.

We run it at EveryDNS.Net and haven't had a problem with it yet.
Thanks, David U.

--

# Hack the planet, it's important.