DNS Security (was: RE: [SunRescue] hosts file And DNS files??)

Sebastian Marius Kirsch rescue at sunhelp.org
Mon May 28 15:11:00 CDT 2001


On Sat, May 26, 2001 at 01:24:20PM -0400, Greg A. Woods wrote:
> > As the zone files are very different from bind's, then you can't just
> > copy them back and forth.
> That's a very very very bad point.  The master-file format is defined by
> the RFCs.

So what? Just tell axfrdns to give you a zone transfer, and you have the
data in master-file format. And to go the other way, you just tell
axfr-get to get a zone listing of the zone you want, and it will spit it
out in the djbdns format.

djb's rationale for creating a new format was that the old one is rather
difficult to parse -- whereas it is trivial to change the djbdns format
in a script, even using ed.

I just wish that djb would go on to write a DHCP server now -- that is
one of the last areas where ISC software is creating major
headaches. Also because of the file format, and because of the fact that
you *cannot* make it reload its database, you *have* to restart it, and
because it *refuses* to start if there is a syntax error in the
configuration file. "Sorry, you can't reboot your computer now, we're
busy trying to find a syntax error in dhcpd.conf." At least a syntax
checker would be nice, but no ...

-- 
Yours, Sebastian Kirsch <skirsch at moebius.inka.de>

Parents of young organic life forms are warned that towels can be
harmful if swallowed in large quantities.
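The point about the djbdns data format being easy to handle from a script, shown as an added example that is not part of the original post and is not djbdns code: a converter from a subset of tinydns-data lines (`+`, `=`, `C`, `@`) to master-file records. The function names and the sample data are constructed for illustration, and the field layouts and the 86400-second default TTL follow the tinydns-data documentation as the editor understands it.

```python
import ipaddress

DEFAULT_TTL = 86400  # assumed tinydns-data default for A, MX, CNAME and PTR

def fqdn(name):
    """Master-file names are written absolute, with a trailing dot."""
    return name if name.endswith(".") else name + "."

def to_master(line):
    """Return the master-file records (strings) for one tinydns-data line."""
    line = line.strip()
    if not line or line[0] in "#-":            # comment or disabled line
        return []
    kind, fields = line[0], line[1:].split(":")
    fields += [""] * (5 - len(fields))         # trailing fields may be omitted
    name = fqdn(fields[0])
    if kind in "+=":                           # +fqdn:ip:ttl  /  =fqdn:ip:ttl
        ip, ttl = fields[1], fields[2] or DEFAULT_TTL
        out = [f"{name} {ttl} IN A {ip}"]
        if kind == "=":                        # '=' also creates the PTR record
            ptr = ipaddress.ip_address(ip).reverse_pointer
            out.append(f"{fqdn(ptr)} {ttl} IN PTR {name}")
        return out
    if kind == "C":                            # Cfqdn:target:ttl
        ttl = fields[2] or DEFAULT_TTL
        return [f"{name} {ttl} IN CNAME {fqdn(fields[1])}"]
    if kind == "@":                            # @fqdn:ip:x:dist:ttl
        ip, x, dist = fields[1], fields[2], fields[3] or 0
        ttl = fields[4] or DEFAULT_TTL
        # x containing a dot is used as the exchanger name, else x.mx.fqdn
        host = fqdn(x) if "." in x else f"{x}.mx.{name}"
        out = [f"{name} {ttl} IN MX {dist} {host}"]
        if ip:                                 # optional A record for the exchanger
            out.append(f"{host} {ttl} IN A {ip}")
        return out
    raise ValueError(f"line type {kind!r} not handled in this example")

def convert(text):
    """Convert a whole data file; unsupported line types raise ValueError."""
    return [rec for line in text.splitlines() for rec in to_master(line)]

# Constructed sample input (documentation addresses, not real hosts).
SAMPLE = """# web host with matching reverse entry
=www.example.com:192.0.2.10:3600
+alias.example.com:192.0.2.10
Cftp.example.com:www.example.com
@example.com:192.0.2.25:a:5:300
"""

if __name__ == "__main__":
    print("\n".join(convert(SAMPLE)))
```

Line types outside this subset (`.`, `&`, `Z`, `'`, `^`, `:`) are rejected rather than silently dropped, so a partial conversion cannot be mistaken for a complete zone.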


