> On 22 Jul 2020, at 08:23, @lbutlr <krem...@kreme.com> wrote:
> 
> On 21 Jul 2020, at 06:37, Mark Andrews <ma...@isc.org> wrote:
>> On 21 Jul 2020, at 18:23, @lbutlr <krem...@kreme.com> wrote:
>>> 
>>> Bind is a poor choice for desktop use. Packages like unbound are much 
>>> better for that sort of use, and it is far less critical if those packages 
>>> have security issues.
>> 
>> Anything that talks to the net is critical path from a security perspective.
> 
> There are different levels of critical, and unbound is a lot further down 
> that list than bind.

I would beg to differ. From an exposure perspective they are identical. They 
both ask questions onto the network and both have to parse and process those 
answers.  They both produce similar CVSS scores, which are a much more 
objective way of analysing the need to pay attention to a security issue.  BIND 
and UNBOUND both have had CVSS scores of 7.5 for packets of death.

A packet of death that does nothing else has a CVSS 3.0 score of 7.5 
(AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

In CVSS v3.0, a score of 0.0 receives a "None" rating; a 0.1-3.9 score gets a 
"Low" severity rating; a score of 4.0-6.9 is a "Medium" rating; score of 
7.0-8.9 is a "High" rating; and a score of 9.0 - 10.0 is a "Critical" rating.

If the fault leads to a potential remote compromise you get into the 
Critical range.

> -- 
> We are born naked, wet and hungry; then it's all downhill.
> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
> from this list
> 
> ISC funds the development of this software with paid support subscriptions. 
> Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: ma...@isc.org
