Developer(s) Sam Trenholme Standard(s) RFC1034, RFC1035 License BSD license | Operating system Type DNS server | |
Stable release 2.0.13 / September 25, 2015; 17 months ago (2015-09-25) | ||
MaraDNS is an open-source (BSD licensed) Domain Name System (DNS) implementation, which acts as either a caching, recursive, or authoritative nameserver.
Features
MaraDNS has a string library, which is buffer overflow resistant and has its own random number generator. While MaraDNS does not directly support BIND zone files, its zone file format is similar and a converter to convert from BIND's zone file format is included. MaraDNS runs as an unprivileged user inside of a chroot environment, while MaraDNS specifies the user and group to run as by user-ID, Simon Burnet has made a patch that makes it possible to supply a username MaraDNS can add both IP records and the corresponding PTR "reverse DNS lookup" record. It can be used as a master DNS server, and, with some caveats, as a slave DNS server.
Deadwood includes built-in "DNS wall" filtering (to protect against external domains which resolve to local IPs), the ability to read and write the cache to a file, DNS-over-TCP support, the ability to optionally reject MX, IPv6 AAAA, and PTR queries, code that stops AR-spoofing attacks, among other features.
MaraDNS releases are distributed with a BSD-type license.