On 2013-10-12 12:34, Julian H. Stacey wrote: > RW wrote: >> On Sat, 12 Oct 2013 10:44:56 +0200 >> Ivan Voras wrote: >> >>> explaning the user what has happened and optionally invoking "host" >>> or "dig". >> Actually dig has gone > Rather cryptic for me so I looked: > > dig has gone from current src/usr.bin/dig > nslookup & dig & host > are all installed by either of current > ports/dns/bind99 or ports/dns/bind-tools > > >> and has been replaced by the unbound utility >> drill. > src/usr.bin/drill/ > > > I agree with O.P. Zhifeng Hu's "this is a very basic tools". > > Removing src/contrib/bind9 from FreeBSD-10 will get criticised as: > "Calls itself a server OS, but no name server out of the box!" > > Please resist periodic urges to strip src/ towards just a tool set > capable of rebuilding itself. Tossing expected tools (even if a > port is more up to date & secure) will annoy users, & potential > immigrants from other Unixes may try then toss FreeBSD. > > Cheers, > Julian It is easier to keep bind up to date from ports. If you want DNSSEC support in 9, you have to replace the bind in base anyway.... bind is replaced with unbound, which providers most of the functionality required in most instances. I forget the exact numbers, but when I looked about 20 of the security advisories over the last 10 years have been because of bind. That is over 12% of all vulnerabilities. -- -- Allan JudeReceived on Sat Oct 12 2013 - 16:18:06 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:42 UTC