Djbdns

Infobox Software
name = djbdns



caption =
developer = Daniel J. Bernstein
latest release version = 1.05
latest release date = February 11, 2001
latest preview version =
latest preview date =
operating system = Unix-like
platform =
genre = DNS server
license = Public domain
website = http://cr.yp.to/djbdns.html
The djbdns software package is a simple and security-aware DNS implementation created by Daniel J. Bernstein due to his frustrations with repeated BIND security holes. There is an as-yet-unclaimed $1000 prize [cite web
url=http://cr.yp.to/djbdns/guarantee.html
title=The djbdns security guarantee
accessdate=2008-09-02
] for the first person to find a privilege escalation security hole in djbdns.

As of 2004, it was the second most popular DNS server. [cite web | last = Moore | first = Don | year = 2004 | url = http://mydns.bboy.net./survey/ | title = DNS server survey | accessdate = 2005-01-06 ]

djbdns has never been vulnerable to the cache-poisoning vulnerability reported in July 2008. [cite web
url = http://www.kb.cert.org/CERT_WEB%5Cservices%5Cvul-notes.nsf/id/800113
title = Multiple DNS implementations vulnerable to cache poisoning
accessdate = 2008-08-05
] [cite web
url = http://www.doxpara.com/?p=1162
title = An Astonishing Collaboration
accessdate = 2008-08-05
]

The components of djbdns

Servers:
* dnscache -- the dns resolver and cache.
* tinydns -- a database-driven dns server.
* walldns -- a "reverse DNS wall", providing IP to domain name lookup only.
* rbldns -- a server designed for dns blacklisting service.
* pickdns -- a database-driven server that chooses from matching records depending on the requester's location. (This feature is now a standard part of tinydns.)
* axfrdns -- a zone-transfer server.

Client tools:
* axfr-get -- a zone-transfer client.
* dnsip -- simple address from name lookup.
* dnsipq -- address from name lookup with rewriting rules.
* dnsname -- simple name from address lookup.
* dnstxt -- simple text record from name lookup.
* dnsmx -- mail exchanger lookup.
* dnsfilter -- looks up names for addresses read from stdin, in parallel.
* dnsqr -- recursive general record lookup.
* dnsq -- non-recursive general record lookup, useful for debugging.
* dnstrace (and dnstracesort) -- comprehensive testing of the chains of authority over dns servers and their names.

...and several associated configuration tools.

In djbdns, different features and services, such as AXFR zone transfers, are split off into separate programs. Zone file parsing, DNS caching, and recursive resolving are also implemented as separate programs. The result of these design decisions is a dramatic reduction in code size and complexity of the daemon program that answers lookup requests. Daniel J. Bernstein (and many others) feel that this is true to the spirit of the Unix operating system, and makes security verification much simpler.

Copyright status

On December 28, 2007, Bernstein released djbdns into the public domain. [cite web
url = http://cr.yp.to/distributors.html
title = Frequently asked questions from distributors
accessdate = 2007-12-31
] Formerly, the package was distributed as license-free software, which created challenges for inclusion in some Linux distributions.

See also

* Comparison of DNS server software

References

External links

* [http://cr.yp.to/djbdns.html djbdns official homepage]
* [http://lifewithdjbdns.org/ A guide to djbdns]
* [http://djbdns.faqts.com/ The djbdns section of FAQTS]
* [http://www.tinydns.org/ Unofficial website]
* [http://www.djbdnsrocks.org/ A djbdns guide and tutorial with addon]
*cite web|url=http://homepages.tesco.net./~J.deBoynePollard/FGA/djbdns-myths-dispelled.html|title=Some of what is said about djbdns is wrong.|author=Jonathan de Boyne Pollard|work=Frequently Given Answers — Jonathan de Boyne Pollard's debunking of several myths relating to djbdns
*cite web|url=http://homepages.tesco.net./~J.deBoynePollard/FGA/djbdns-problems.html|title=The known problems with Dan Bernstein's djbdns|author=Jonathan de Boyne Pollard|work=Frequently Given Answers — Jonathan de Boyne Pollard's list of the several known problems in djbdns
* [http://www.anders.com/projects/sysadmin/djbdnsRecordBuilder/ Supporting newer record formats through generic records.]
* [http://lwn.net/2001/features/djbdns.php3 LWN (Linux weekly news) looks at djbdns]


Wikimedia Foundation. 2010.

Look at other dictionaries:

  • djbdns — Developer(s) Daniel J. Bernstein Stable release 1.05 / February 11, 2001 Operating system Unix like Type DNS server …   Wikipedia

  • Djbdns — Тип DNS сервер Разработчик Дэниел Джулиус Бернштейн Написана на Си ОС UNIX Версия 1.05 (11 февраля …   Википедия

  • djbdns — Тип DNS сервер Разработчик Дэниел Джулиус Бернштейн Написана на Си Операционная система UNIX Последняя версия 1.05 (11 февраля 2001) Лицензия …   Википедия

  • Djbdns — Entwickler: Daniel J. Bernstein Aktuelle Version: 1.05 Betriebssystem: diverse Unix Derivate Kategorie: DNS Serve …   Deutsch Wikipedia

  • djbdns — Entwickler Daniel J. Bernstein Aktuelle Version 1.05 Betriebssystem diverse Unix Derivate Kategorie DNS Server Lizenz …   Deutsch Wikipedia

  • Comparison of DNS server software — Contents 1 Servers compared 1.1 BIND 1.2 Microsoft DNS 1.3 Dn …   Wikipedia

  • Daniel J. Bernstein — Daniel Bernstein Born October 29, 1971 (1971 10 29) (age 40) East Patchogue, New York[ …   Wikipedia

  • dbndns — Developer(s) Debian Project Stable release 1.05 7 / 2009 09 30 Operating system Unix like Type DNS server …   Wikipedia

  • Dan Kaminsky — Kaminsky in 2007. Occupation Computer security researcher Known for Discovering the 2008 DNS cache poisoning vulnerability Dan Kam …   Wikipedia

  • LxAdmin — Infobox Software name = Lxadmin caption = developer = [http://lxlabs.com Lxlabs] latest release version = 5.0 platform = Linux, Windows genre = Control Panel source model = Proprietary license = Proprietary website =… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”