Over the last two years, vulnerabilities in the Bind software used by Domain Name System (DNS) servers have prompted security watchers to consider alternative implementations of DNS software.
Although Bind 9, which has been available since late 2000, is a complete rewrite of Bind and has not yet suffered a single security flaw, earlier versions that many still use have not been so secure.
Various flavours of Bind 4 and 9 suffered bugs in late 2000/early 2001 that have put DNS administrators in an uncomfortable position. But there are alternatives to running Bind.
One such open source project, MaraDNS, has recently gone into beta release, claiming a service that runs as an unprivileged user ID with resistance to buffer overflows.
Other DNS alternative projects include Pdnsd, a caching-only DNS server, and Posadis, which is still in development.