[NCLUG] Script Kiddies - BIND 8.2.2 exploit
Mike Loseke
mike at verinet.com
Tue Feb 20 09:55:55 MST 2001
Thus spake John L. Bass:
> Hi Guys,
>
> For those that haven't closed the BIND/named 8.2.2 exploit yet, better get with
> it. The script kiddies hit 3 of the machines on the CWX network this last week.
>
> Upgrading to 8.2.3 bits is one fix, blocking access with ipchains another, or
> for machines not externally serving zone/DNS entries, using the listen-on option
> for your local lan subnet.
For those in tune with bugtraq and everything else nowadays, what is the
minimum safe level for bind? I thought I heard that there was a hiccup with
the first fix or something. I have bind-8.2.3-0.5.x.i386.rpm installed on my
soon to be upgraded dns server and I'm hoping this is good enough for the
interim.
--
Mike Loseke | If at first you don't succeed,
mike at verinet.com | increase the amperage.
More information about the NCLUG
mailing list