To: OneWingedShark
If MS DNS is implemented properly, it’s as secure as BIND. Most admins deploy MS DNS with secure updates turned off and zone transfers enabled from all sources, which is just a nightmare for administration and security overall.
8 posted on
07/02/2013 8:10:06 AM PDT by
rarestia
(It's time to water the Tree of Liberty.)
To: rarestia
If MS DNS is implemented properly, its as secure as BIND. Most admins deploy MS DNS with secure updates turned off and zone transfers enabled from all sources, which is just a nightmare for administration and security overall. But the point here is that BIND isn't secure either. Ironsides, on the other hand, is provably free of exceptions (the paper here) and both single-packet denial of service and remote code executions (this paper). That's a huge distinction.
9 posted on
07/02/2013 8:18:39 AM PDT by
OneWingedShark
(Q: Why am I here? A: To do Justly, to love mercy, and to walk humbly with my God.)
To: rarestia
If MS DNS is implemented properly, its as secure as BIND. Most admins deploy MS DNS with secure updates turned off and zone transfers enabled from all sources, which is just a nightmare for administration and security overall. This. Lazy admins take the shotgun approach. Not smart.
13 posted on
07/02/2013 9:48:33 AM PDT by
Noumenon
(What would Michael Collins do?)
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson