Login
Login

MaraDNS

{{Infobox Software

| name = MaraDNS

| logo =

| screenshot =

| caption =

| developer = Sam Trenholme

| latest_release_version = 3.5.0036

| latest_release_date = {{release date and age|2023|5|2}}{{cite web|url=http://maradns.samiam.org/changelog.html|title=MaraDNS changelog|accessdate=1 May 2023}}

| latest_preview_version =

| latest_preview_date =

| operating_system = Unix-like, Windows

| platform =

| genre = DNS server

| license = BSD license

| website = [https://maradns.samiam.org/ https://maradns.samiam.org/]

| standard = RFC1034, RFC1035

}}

MaraDNS is an open-source (BSD licensed) Domain Name System (DNS) implementation, which acts as either a caching, recursive, or authoritative nameserver.

{{cite book

|last = Mens

|first = Jan-Piet

|title = Alternative DNS Servers: Choice and Deployment, and Optional SQL/LDAP Back-Ends (Paperback)

|publisher = UIT Cambridge Ltd.

|year = 2008

|pages = 76–94

|isbn = 978-0-9544529-9-5}} This book devotes an entire chapter to MaraDNS

{{cite web

|url=http://blogs.zdnet.com/security/?p=1562

|archive-url=https://web.archive.org/web/20080729044942/http://blogs.zdnet.com/security/?p=1562

|url-status=dead

|archive-date=July 29, 2008

|title=How OpenDNS, PowerDNS and MaraDNS remained unaffected by the DNS cache poisoning vulnerability

|last=Danchev

|first=Dancho

|publisher=ZDNet

|accessdate=2009-10-10

}}

{{Citation

|author1 = Jian Jiang

|author2 = Jinjin Liang

|author3 = Kang Li

|author4 = Jun Li

|author5 = Haixin Duan

|author6 = Jianping Wu

|title = Ghost Domain Names: Revoked Yet Still Resolvable

|year = 2012

|page = 10

|url = http://www.isc.org/files/imce/ghostdomain_camera.pdf

|url-status = dead

|archiveurl = https://web.archive.org/web/20130425052357/https://www.isc.org/files/imce/ghostdomain_camera.pdf

|archivedate = 2013-04-25

}}

{{cite book

|last = Schroder

|first = Carla

|title = Linux Networking Cookbook (Paperback)

|page = 545

|publisher = O'Reilly

|year = 2007

|isbn = 978-0-596-10248-7}}

Features

MaraDNS has a string library, which is buffer overflow resistant and has its own random number generator. While MaraDNS does not directly support BIND zone files, its zone file format is similar and a converter to convert from BIND's zone file format is included.{{cite web

|url=http://linuxmafia.com/faq/Network_Other/dns-servers.html#maradns

|title=DNS Server (and Related) Software for Unix (MaraDNS section)

|accessdate=2013-04-05

}} MaraDNS runs as an unprivileged user inside of a chroot environment, while MaraDNS specifies the user and group to run as by user-ID, Simon Burnet has made a patch that makes it possible to supply a username {{cite web

|url = http://www.simonbur.net/index.php/my-software/open-source

|title = Open Source Patches

|accessdate = 2013-04-05

|url-status = dead

|archiveurl = https://archive.today/20130703092247/http://www.simonbur.net/index.php/my-software/open-source

|archivedate = 2013-07-03

}} MaraDNS can add both IP records and the corresponding PTR "reverse DNS lookup" record.

{{cite book

|last = Mens

|first = Jan-Piet

|title = Alternative DNS Servers: Choice and Deployment, and Optional SQL/LDAP Back-Ends (Paperback)

|publisher = UIT Cambridge Ltd.

|year = 2008

|pages = 66, 81

|isbn = 978-0-9544529-9-5}}

It can be used as a master DNS server, and, with some caveats, as a slave DNS server.

{{cite book

|last = Mens

|first = Jan-Piet

|title = Alternative DNS Servers: Choice and Deployment, and Optional SQL/LDAP Back-Ends (Paperback)

|publisher = UIT Cambridge Ltd.

|year = 2008

|pages = 87, 89

|isbn = 978-0-9544529-9-5}}

MaraDNS currently does not support DNSSEC because of a lack of money for the developer to implement it using the LibTom library.{{cite web

|url=http://maradns.samiam.org/products.html

|title=I would love DNSSEC for MaraDNS

|accessdate=2017-10-26}}

Deadwood includes built-in "DNS wall" filtering (to protect against external domains which resolve to local IPs), the ability to read and write the cache to a file, DNS-over-TCP support, the ability to optionally reject MX, IPv6 AAAA, and PTR queries, code that stops AR-spoofing attacks, among other features.{{cite web

|url=http://linuxmafia.com/faq/Network_Other/dns-servers.html#deadwood

|title=DNS Server (and Related) Software for Unix (Deadwood section)

|accessdate=2013-04-05

}}

MaraDNS releases are distributed with a BSD-type license.

{{cite book

|last = Mens

|first = Jan-Piet

|title = Alternative DNS Servers: Choice and Deployment, and Optional SQL/LDAP Back-Ends (Paperback)

|publisher = UIT Cambridge Ltd.

|year = 2008

|page = 97

|isbn = 978-0-9544529-9-5}} "The program is released under a BSD-type license"

See also

{{Portal|Free and open-source software}}

References

{{Reflist}}

External links

  • [https://maradns.samiam.org/ Official website]
  • [https://maradns.samiam.org/blog/ Official blog]
  • [http://linuxmafia.com/faq/Network_Other/dns-servers.html#deadwood Rick Moen on Deadwood] (MaraDNS 2's recursive resolver)
  • [http://linuxmafia.com/faq/Network_Other/dns-servers.html#maradns Rick Moen on MaraDNS]

Category:DNS software

Category:Free network-related software

Category:DNS server software for Linux

Category:Software using the BSD license