19 points | by feldrim 2 days ago
14 comments
When I read "PDNS", I will probably always think "PowerDNS".
“PDNS” also often refers to “Passive DNS”, never heard of “protective dns” before.
Yes. That's why I put the footnote there.
Well, I read that footnote, but I'm not sure if overloading the acronym is the best idea, is what I'm trying to say.
I agree with you there. But the term does not belong to me buy yo CISA and other organisations. But it's not as bad as Cyber Security Awareness Month acronym at least
I love Technitium DNS and have run it for several years now. Thanks for the contributions.
Don't get too exited - Technitium has a bus factor of one, a very small user base and no previous auditing.
Yea, I often wonder when I see this type of article, why don't they just use bind9?
No other DNS resolver is going to come close to it's number of deployment*years in operation.
I didn't read the article though, since I'm not going to enable javasript and cookies just to read someone's blag post 8-/
HTML much?
> why don't they just use bind9?
Because bind9 is not a dns server but a collection of all available CVE types for further studying.
The only problem there is for GDPR consent thingy. You can disable and proceed. I don't use any telemetry except for the consent banners.
When it comes to Technitium, well, it's written in the blog.
And yet here I am deploying it in production
You are a brave fellow!
Not so much, just old enough to do proper risk analysis and have safeguards in place.
I've played with threat intelligence to build a simple, on premises PDNS out of a privacy-focused DNS server.
When I read "PDNS", I will probably always think "PowerDNS".
“PDNS” also often refers to “Passive DNS”, never heard of “protective dns” before.
Yes. That's why I put the footnote there.
Well, I read that footnote, but I'm not sure if overloading the acronym is the best idea, is what I'm trying to say.
I agree with you there. But the term does not belong to me buy yo CISA and other organisations. But it's not as bad as Cyber Security Awareness Month acronym at least
I love Technitium DNS and have run it for several years now. Thanks for the contributions.
Don't get too exited - Technitium has a bus factor of one, a very small user base and no previous auditing.
Yea, I often wonder when I see this type of article, why don't they just use bind9?
No other DNS resolver is going to come close to it's number of deployment*years in operation.
I didn't read the article though, since I'm not going to enable javasript and cookies just to read someone's blag post 8-/
HTML much?
> why don't they just use bind9?
Because bind9 is not a dns server but a collection of all available CVE types for further studying.
The only problem there is for GDPR consent thingy. You can disable and proceed. I don't use any telemetry except for the consent banners.
When it comes to Technitium, well, it's written in the blog.
And yet here I am deploying it in production
You are a brave fellow!
Not so much, just old enough to do proper risk analysis and have safeguards in place.
I've played with threat intelligence to build a simple, on premises PDNS out of a privacy-focused DNS server.