Use of Windows DNS Server is falling off dramatically as more users become concerned about the security implications of using the technology.
That’s according to research from Infoblox, whose annual survey into the state of the DNS market has just been released. The survey found that the take-up of Windows DNS Server had fallen by half, to just 2.7 percent of the market (from 5 percent in 2006 and 10 percent in 2005).
Users are placing a higher premium on security. The number of adopters of BIND 9, the latest and most secure version of the most common DNS Server, has risen from 61 percent to 65 percent, while BIND 8 use has fallen to just 5.6 percent of the DNS market.
The survey, the third to be released, also found that the number of DNS servers on the Internet has increased to 11.5 million, up from 9 million in 2006, an increase of about 28 percent. That’s a faster increase than the previous year, when the number of servers went up by 20 percent from 2005 to 2006.
Cricket Liu, Infoblox’s vice president of architecture, said: "For the overall security of the Internet, it is good to see movement away from Microsoft DNS Servers for external DNS as well as a growing trend to use the most recent versions of BIND, which are more secure."
There were some disappointments, though, as various errors by sysadmins leave DNS with far too many vulnerabilities. These problems include network managers continuing to allow recursive queries and zone transfers to arbitrary requesters, and a low take-up of the new security protocol, DNSSEC: the research suggests that just 0.02 percent of zones support DNSSEC. Infoblox suggests that such a low take-up rate means that the standard would be unlikely to succeed on its own.
Readers who would like to see the DNS survey results in more detail should go here.
You can see Cricket Liu interpret some of the survey results and explain why DNS is a black art here.