Djbdns

related topics
{system, computer, user}
{math, number, function}
{law, state, case}
{work, book, publish}
{style, bgcolor, rowspan}
{area, part, region}

The djbdns software package is a DNS implementation created by Daniel J. Bernstein due to his frustrations with repeated BIND security holes. A $1000 prize[1] for the first person to find a privilege escalation security hole in djbdns was awarded[2] in March 2009 to Matthew Dempsky.

As of 2004, djbdns's tinydns component was the second most popular DNS server.[3]

djbdns has never been vulnerable to the cache poisoning vulnerability reported in July 2008 [4][5], but it has been discovered that it is vulnerable to a related attack. [6]

The source code has not been centrally managed since 1991 and was released into the public domain in 2007. As of March 2009, there are three forks, one of which is dbndns, the fork of the Debian Project, and more than a dozen patches to address shortcomings exist.[7]

Contents

The main djbdns components

The djbdns software consists of server, client, and some miscellaneous configuration tools.

Servers

  • dnscache — the dns resolver and cache.
  • tinydns — a database-driven dns server.
  • walldns — a "reverse DNS wall", providing IP to domain name lookup only.
  • rbldns — a server designed for dns blacklisting service.
  • pickdns — a database-driven server that chooses from matching records depending on the requester's location. (This feature is now a standard part of tinydns.)
  • axfrdns — a zone-transfer server.

Client tools

  • axfr-get — a zone-transfer client.
  • dnsip — simple address from name lookup.
  • dnsipq — address from name lookup with rewriting rules.
  • dnsname — simple name from address lookup.
  • dnstxt — simple text record from name lookup.
  • dnsmx — mail exchanger lookup.
  • dnsfilter — looks up names for addresses read from stdin, in parallel.
  • dnsqr — recursive general record lookup.
  • dnsq — non-recursive general record lookup, useful for debugging.
  • dnstrace (and dnstracesort) — comprehensive testing of the chains of authority over dns servers and their names.

Full article ▸

related documents
Java Transaction API
SEX (computing)
Carson bandwidth rule
Galeon
LAME
CORC
Steelman language requirements
IBrowse
Yottabyte
Hotline
Federal Information Processing Standard
Gnuplot
Ghostscript
Programmed Data Processor
Java Development Kit
Knowbot Information Service
Ncurses
Communications in Slovenia
Communications in Nepal
Spiral model
TAT-8
TAT-6
Gating
Communications-electronics
Communications in Mauritania
Sega VR
Moving Picture Experts Group
Communications in Barbados
Hop (telecommunications)
Sophie Wilson