From owner-freebsd-questions@FreeBSD.ORG  Tue Jul 14 04:06:27 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B5876106566B
	for <freebsd-questions@freebsd.org>;
	Tue, 14 Jul 2009 04:06:27 +0000 (UTC)
	(envelope-from jalmberg@identry.com)
Received: from mx1.identry.com (on.identry.com [66.111.0.194])
	by mx1.freebsd.org (Postfix) with ESMTP id DB68C8FC0C
	for <freebsd-questions@freebsd.org>;
	Tue, 14 Jul 2009 04:06:26 +0000 (UTC)
	(envelope-from jalmberg@identry.com)
Received: (qmail 26845 invoked by uid 89); 14 Jul 2009 04:06:45 -0000
Received: from unknown (HELO ?192.168.1.110?) (jalmberg@75.127.142.66)
	by mx1.identry.com with ESMTPA; 14 Jul 2009 04:06:45 -0000
In-Reply-To: <20090713222746.5D519BF05@kev.msw.wpafb.af.mil>
References: <20090713222746.5D519BF05@kev.msw.wpafb.af.mil>
Mime-Version: 1.0 (Apple Message framework v753.1)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <7DD18C43-5B03-4624-9487-ACC4AFAF000F@identry.com>
Content-Transfer-Encoding: 7bit
From: John Almberg <jalmberg@identry.com>
Date: Tue, 14 Jul 2009 00:06:22 -0400
To: vogelke+unix@pobox.com
X-Mailer: Apple Mail (2.753.1)
Cc: freebsd-questions@freebsd.org
Subject: Re: Should DNS be on same server as webserver?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Jul 2009 04:06:28 -0000


On Jul 13, 2009, at 6:27 PM, Karl Vogel wrote:

>>> On Mon, 13 Jul 2009 13:03:24 -0400,
>>> Jon Radel <jon@radel.com> said:
>
> J> Apache and Bind have both had their security issues over the  
> years, and
> J> there's something to be said for running them on different  
> servers to
> J> reduce both the "all eggs in one basket" factor and the ease of
> J> spreading an attack.  (Yes, I'm assuming what you're actually
> J> running....)
>
>    You can fix the security problems by dumping Bind and using djbdns.
>    It's very easy to set up a caching nameserver without using all the
>    memory on your system.  See http://www.lifewithdjbdns.com/ for  
> more.


I actually do use djbdns. Super easy to use, once you figure it out.

-- John