MaraDNS

MaraDNS
MaraDNS
Developer(s) Sam Trenholme
Stable release 2.0.02 / February 5, 2011; 8 months ago (2011-02-05)
Operating system Unix-like, Windows
Type DNS server
License BSD license
Website www.maradns.org
Standard(s) RFC1034, RFC1035
As of November 11, 2009

MaraDNS is a security-aware Domain Name System (DNS) implementation[1] [2]. Along with BIND, NSD, djbdns, and PowerDNS, it is one of a small number of DNS servers with published source code. Like BIND and djbdns, MaraDNS can function either as an authoritative DNS server, as a "recursive" DNS cache that uses the DNS root nameservers, or as a "forwarder" cache reliant on other recursive DNS servers. [3] The first version of MaraDNS was released on June 21, 2002 [4] and a number of releases have been made since then. In October 2009 the author announced plans to stop any further development beyond basic bug fixes after the release of MaraDNS 2.0[5]. At least one independent book has recommended MaraDNS for public facing DNS servers[6]

Contents

Criticisms

MaraDNS has limited support for being a slave DNS server. While MaraDNS includes a tool that can receive zone files, this process needs to be automated via an external program, such as crontab, and MaraDNS needs to be restarted to load the zone in question.

While MaraDNS can resolve almost any site that other DNS servers can resolve, it does not resolve all names the same way other DNS servers do. CNAME and ANY records, in particular, are resolved differently. [7]

MaraDNS spawns a thread for each recursive DNS request that is not already cached.

MaraDNS has had a few security problems, as described in the MaraDNS security document. MaraDNS 1.2 has recently been shown to be vulnerable to three Denial-of-service attacks via memory leak errors; all three memory leaks do not exist in MaraDNS 1.0, and have been patched in MaraDNS 1.2.12.06. There was also a memory leak that was patched in MaraDNS 1.2.12.01 and MaraDNS 1.0.39, and a memory leak in MaraDNS 1.2.12.06 that is only triggered when a parameter not set in the default installation is set.

Licensing

MaraDNS 1.0 releases (including all current bug fixes) have been released to the public domain. MaraDNS 1.2 releases are copyrighted but are distributed with a simplified two-clause BSD licence. [8]

See also

References

  1. ^ Mens, Jan-Piet (2008). Alternative DNS Servers: Choice and Deployment, and Optional SQL/LDAP Back-Ends (Paperback). UIT Cambridge Ltd.. ISBN 0954452992. 
  2. ^ Danchev, Dancho. "How OpenDNS, PowerDNS and MaraDNS remained unaffected by the DNS cache poisoning vulnerability". ZDNet. http://blogs.zdnet.com/security/?p=1562. Retrieved 2009-10-10. 
  3. ^ "MaraDNS intro". http://www.maradns.org/tutorial/dnsintro.html. Retrieved 2007-10-02. 
  4. ^ "MaraDNS changelog". http://www.maradns.org/changelog.html. Retrieved 2007-10-02. 
  5. ^ "An open source developer grows up". http://maradns.blogspot.com/2009/10/every-open-source-developer-grows-up.html. Retrieved 2010-01-10. 
  6. ^ Schroder, Carla (2007). Linux Networking Cookbook (Paperback). O'Reilly. p. 545. ISBN 0596102488. 
  7. ^ "MaraDNS manual". http://www.maradns.org/tutorial/man.maradns.html. Retrieved 2007-10-02. 
  8. ^ "MaraDNS license". http://www.maradns.org/license.html. Retrieved 2007-10-02. 

External links


Wikimedia Foundation. 2010.

Игры ⚽ Поможем написать курсовую

Look at other dictionaries:

  • Comparison of DNS server software — Contents 1 Servers compared 1.1 BIND 1.2 Microsoft DNS 1.3 Dn …   Wikipedia

  • NAPTR record — A Name Authority Pointer (NAPTR) is a type of resource record used in the Domain Name System (DNS).[1][2] Contents 1 Rationale 2 Example 3 …   Wikipedia

  • ДНС — DNS Название: Domain Name System Уровень (по модели OSI): Прикладной Семейство: TCP/IP Порт/ID: 53/UDP Назначение протокола: Разрешение доменных имён Спецификация: RFC 1034, RFC 1035 / STD 13 Основные реализации (клиен …   Википедия

  • Wildcard DNS record — A wildcard DNS record is a record in a DNS zone that will match requests for non existent domain names. A wildcard DNS record is specified by using a * as the left most label (part) of a domain name, e.g. *.example.com. The exact rules about when …   Wikipedia

  • Whirlpool (cryptography) — WHIRLPOOL redirects here. This article is about the algorithm. For other uses, see Whirlpool (disambiguation). Whirlpool (sometimes styled WHIRLPOOL) is a cryptographic hash function designed by Vincent Rijmen (co creator of the Advanced… …   Wikipedia

  • Duende — may refer to: another name for an elf Duende (mythology), a fairy or goblin like creature in Spanish and Latin American mythology Duende (art), a difficult to define phrase in the Spanish arts that connotes emotion and authenticity Duende – A… …   Wikipedia

  • Comparison of IPv6 application support — This is a comparison of popular Internet applications in regards to their support of the IPv6 protocol. Applications Application Category IPv6 supported? Zone ID supported? Earliest version # with IPv6 support Notes Reference links AbsoluteTelnet …   Wikipedia

  • Dan Kaminsky — Kaminsky in 2007. Occupation Computer security researcher Known for Discovering the 2008 DNS cache poisoning vulnerability Dan Kam …   Wikipedia

  • DNS-Server — Domain Name System (DNS) Familie: Internetprotokollfamilie Einsatzgebiet: Namensauflösung Ports: 53/UDP, 53/TCP DNS im TCP/IP‑Protokollstapel: Anwendung DNS Transport UD …   Deutsch Wikipedia

  • DNS Server — Domain Name System (DNS) Familie: Internetprotokollfamilie Einsatzgebiet: Namensauflösung Ports: 53/UDP, 53/TCP DNS im TCP/IP‑Protokollstapel: Anwendung DNS Transport UD …   Deutsch Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”