A group of experts has released an open source alternative to the BIND DNS server software that boasts higher performance and better security. A group of experts has released an open source alternative to the BIND DNS server software that boasts higher performance and better security.The new DNS server – dubbed Unbound 1.0 – is available here.Unbound is a recursive DNS server, which is used by ISPs and enterprises to support DNS look-ups by users. DNS is the feature of the Internet that matches domain names with IP addresses, and it is used for Web browsing, e-mail and Internet-based telephony.Unbound was released Tuesday to open source developers by NLnet Labs, VeriSign, Nominet and Kirei. NLnet Labs, a nonprofit research firm based in The Netherlands, will provide ongoing support for the software.From its first prototype in 2004, Unbound was designed to be a faster, more secure replacement for BIND. Unbound supports DNS security extensions (DNSSEC), which authenticate DNS lookups but are not yet widely deployed because they rely on a public key infrastructure. “One of the main advantages is that it’s high performing. We designed it from the beginning to be fast,” says Matt Larson, director of DNS research with VeriSign. “We also designed it from the beginning to support DNSSEC. Other DNS servers had to bolt that on, but we were able to start fresh.”VeriSign has tested Unbound but isn’t using it in production mode. VeriSign runs the authoritative DNS servers for .com and .net, which are the servers that respond to queries from recursive DNS servers like Unbound. VeriSign uses homegrown software it calls ATLAS for its authoritative DNS servers.VeriSign said that by offering Unbound to the open source community, it is trying to give back to the Internet community.“Our goal [with Unbound] is to have an active community. We want to get to the point where the community is looking at it, monitoring it and adding patches,” Larson says. “This is just another example of VeriSign’s innovation. We’re always moving forward.”Developed in the early 1980s, BIND (Berkeley Internet Name Domain) is the most popular DNS server software on the Internet. However, BIND has suffered from serious security flaws, even in its current release, BIND 9.BIND alternatives already exist, including DNS server software from Microsoft and Cisco and appliances from Infoblox, InfoWeapons and others. Another option is free DNS services from OpenDNS and NeuStar. Related content news Google Chrome zero-day jumps onto CISA's known vulnerability list A serious security flaw in Google Chrome, which was discovered under active exploitation in the wild, is a new addition to the Cybersecurity and Infrastructure Agency’s Known Exploited vulnerabilities catalog. By Jon Gold Oct 03, 2023 3 mins Zero-day vulnerability brandpost The advantages and risks of large language models in the cloud Understanding the pros and cons of LLMs in the cloud is a step closer to optimized efficiency—but be mindful of security concerns along the way. By Daniel Prizmant, Senior Principal Researcher at Palo Alto Networks Oct 03, 2023 5 mins Cloud Security news Arm patches bugs in Mali GPUs that affect Android phones and Chromebooks The vulnerability with active exploitations allows local non-privileged users to access freed-up memory for staging new attacks. By Shweta Sharma Oct 03, 2023 3 mins Android Security Vulnerabilities news UK businesses face tightening cybersecurity budgets as incidents spike More than a quarter of UK organisations think their cybersecurity budget is inadequate to protect them from growing threats. By Michael Hill Oct 03, 2023 3 mins CSO and CISO Risk Management Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe