Sam Trenholme's webpage
Support this website

Deadwood Update

 

November 13 2013

I have updated Deadwood and discuss DNS-over-TCP.

==Deadwood update==

I have fixed some warnings that came up when compiling Deadwood using llvm's clang.

It can be downloaded here:

http://www.maradns.org/deadwood/snap/
==DNS over TCP==

Since this has come up twice this last week: DNS-over-TCP is optional as per section 6.1.3.2 of RFC1123. Any program or web service that considers no DNS-over-TCP an error is not RFC-compliant.

Not having DNS-over-TCP is more secure, because it gives attackers a smaller surface to attack. While I do allow MaraDNS users to have DNS-over-TCP via the zoneserver program (Windows users will just have to modify and compile the source, or use Cygwin if they want zoneserver), it is not necessary or even that good of an idea.

To post a comment about this blog entry, go to the forum (self-signed https). New accounts may post once I approve the account.