Encyclopedia > Djbdns

  Article Content

DJBDNS

Redirected from Djbdns

DJBDNS is a simple and secure DNS implementation by Prof. Daniel J. Bernstein, because he feels that BIND's security history is very poor.

DJBDNS consists of 6 parts:

  • dnscache - the local dns cache/resolver.
  • tinydns - the local dns server.
  • walldns - a "reverse DNS wall".
  • rbldns - a dns blackholing service.
  • axfrdns - a zone-transfer server.
  • axfr-get - a zone-transfer client.

DJBDNS' main program, tinydns, does not implement all the features of BIND, such as zone-transfers. DJB feels that it is better to re-use existing tools (such as rsync and ssh) than to implement separate protocols for zone-transfers, as was done with bind. However, for compability, DJBDNS includes tools called axfrdns and axfrdns-get, to provide zone-transfers "the bind way".

DJBDNS also implements parsing of host data as a separate program. DNS caching and recursive resolving[?] is also implemented as a separate program. The result of these design decisions is a dramatic reduction in code size and complexity of the daemon program that answers lookup requests. Prof. Bernstein (and many others) feel that this is true to the spirit of the Unix operating system, and makes security verification much simpler.

DJBDNS is licensed to permit free redistribution and use, and the source code is publicly disclosed, but the license does not permit distribution of modifications (and is thus not open source or free software).

External link



All Wikipedia text is available under the terms of the GNU Free Documentation License

 
  Search Encyclopedia

Search over one million articles, find something about almost anything!
 
 
  
  Featured Article
North Lindenhurst, New York

... is spread out with 25.6% under the age of 18, 7.5% from 18 to 24, 33.8% from 25 to 44, 21.3% from 45 to 64, and 11.8% who are 65 years of age or older. The median ...

 
 
 
This page was created in 24.7 ms