From owner-freebsd-questions@FreeBSD.ORG Thu Mar 23 00:29:12 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5538B16A400 for ; Thu, 23 Mar 2006 00:29:12 +0000 (UTC) (envelope-from rmeek@russellmeek.net) Received: from aries.russellmeek.net (aries.russellmeek.net [64.92.164.178]) by mx1.FreeBSD.org (Postfix) with ESMTP id C93F443D5A for ; Thu, 23 Mar 2006 00:29:10 +0000 (GMT) (envelope-from rmeek@russellmeek.net) Received: (qmail 75303 invoked by uid 89); 23 Mar 2006 00:29:10 -0000 Received: by simscan 1.2.0 ppid: 75298, pid: 75300, t: 0.0935s scanners: attach: 1.2.0 clamav: 0.88/m:36/d:1348 Received: from unknown (HELO ?192.168.8.104?) (rmeek@russellmeek.net@64.212.109.78) by mx1.russellmeek.net with (DHE-RSA-AES256-SHA encrypted) SMTP; 23 Mar 2006 00:29:09 -0000 Message-ID: <4421EBD4.9000501@russellmeek.net> Date: Wed, 22 Mar 2006 19:29:08 -0500 From: "Russell E. Meek" User-Agent: Thunderbird 1.5 (Windows/20051201) MIME-Version: 1.0 To: Steve Camp , freebsd-questions@freebsd.org References: <20060322170833.G8316@aslan.camp.com> In-Reply-To: <20060322170833.G8316@aslan.camp.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Subject: Re: TinyDNS question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Mar 2006 00:29:12 -0000 Steve Camp wrote: > Hi Russell, > > I am not very familiar with TinyDNS, other than it originated from > D.J. Bernstein, and, as such, I tend to think of it as > > o small > o fast > o secure > > Does that pretty well sum up TinyDNS? Are there any downsides to > TinyDNS? Are there any things that "normal" DNS (i.e. BIND) can do, > that TinyDNS cannot? > > Regards, > > -- > Steve Camp > steve@camp.com > > > On Thu, Mar 23, 2006 at 12:06:17AM -0000, anonymous@aries.russellmeek.net wrote: > >> Steve, >> >> If you are using TinyDNS (DJBDNS) then VegaDNS www.vegadns.org will allow >> you to accomplish exactly what you are looking for. >> >> Check it out, seems to work extremely well. >> >> Thanks, >> >> Russell >> >> On 3/22/2006, "Steve Camp" wrote: >> >> >>> Someone is potentially interested in leasing a domain name from me. >>> One of the technical points is DNS control. What DNS tools exist that >>> would allow me to maintain the DNS servers, but let this party login >>> and administer DNS entries. I'm thinking along the lines of some sort >>> of web-based tool. A user would login / authenticate themselves, but >>> the tool would limit the domains they could manage in some fashion. >>> >>> Regards, >>> >>> -- >>> Steve Camp >>> steve@camp.com >>> >>> >>> _______________________________________________ >>> freebsd-questions@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >>> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >>> Steve, Yes the DJBDNS suite (TinyDNS, DNSCache) is much more secure and faster than BIND. Many people have issues with Bernsteins licenses, etc. For me it does not matter. TinyDNS is a different setup for creating A records and such, but once learned is much better than BIND. DJBDNS is just like QMail - a collection of small apps to perform the larger job at hand. Here are a couple of excellent sites to get you started. http://www.lifewithdjbdns.com/ http://matt.simerson.net/computing/dns/djbdns-freebsd.shtml (Excellent Qmail information also) http://ezine.daemonnews.org/200210/ezdjbdns.html (DJBDNS Setup for FreeBSD) Just remember that once properly configured many of the main "security" exploits you find BIND suffers from (Cache Poisoning, etc.) are extremely difficult to perform if not impossible to perform. Thanks, Russell