Encyclopedia > DJBDNS

  Article Content

DJBDNS

DJBDNS is a simple and secure DNS implementation by Prof. Daniel J. Bernstein, because he feels that BIND's security history is very poor.

DJBDNS consists of 6 parts:

  • dnscache - the local dns cache/resolver.
  • tinydns - the local dns server.
  • walldns - a "reverse DNS wall".
  • rbldns - a dns blackholing service.
  • axfrdns - a zone-transfer server.
  • axfr-get - a zone-transfer client.

DJBDNS' main program, tinydns, does not implement all the features of BIND, such as zone-transfers. DJB feels that it is better to re-use existing tools (such as rsync and ssh) than to implement separate protocols for zone-transfers, as was done with bind. However, for compability, DJBDNS includes tools called axfrdns and axfrdns-get, to provide zone-transfers "the bind way".

DJBDNS also implements parsing of host data as a separate program. DNS caching and recursive resolving[?] is also implemented as a separate program. The result of these design decisions is a dramatic reduction in code size and complexity of the daemon program that answers lookup requests. Prof. Bernstein (and many others) feel that this is true to the spirit of the Unix operating system, and makes security verification much simpler.

DJBDNS is licensed to permit free redistribution and use, and the source code is publicly disclosed, but the license does not permit distribution of modifications (and is thus not open source or free software).

External link



All Wikipedia text is available under the terms of the GNU Free Documentation License

 
  Search Encyclopedia

Search over one million articles, find something about almost anything!
 
 
  
  Featured Article
Islip Terrace, New York

... 13.2% of all households are made up of individuals and 4.4% have someone living alone who is 65 years of age or older. The average household size is 3.21 and th ...

 
 
 
This page was created in 25.8 ms