[NCLUG] Script Kiddies - BIND 8.2.2 exploit

Quent quent at pobox.com
Tue Feb 20 13:55:23 MST 2001


Version 9.1 is the latest, "fixed" cool version. It has some nice new
features, such as "views", where you can set up and internal and external
DNS with one named instance.

Version 8.2.3 is the latest release of BIND 8 with security fixes, so
you should be okay.

I'm going by ISC's versions and not any RPM release numbers.

	Quent


On Tue, Feb 20, 2001 at 09:55:55AM -0700, Mike Loseke wrote:
> Thus spake John L. Bass:
> > Hi Guys,
> > 
> > For those that haven't closed the BIND/named 8.2.2 exploit yet, better get with
> > it. The script kiddies hit 3 of the machines on the CWX network this last week.
> > 
> > Upgrading to 8.2.3 bits is one fix, blocking access with ipchains another, or
> > for machines not externally serving zone/DNS entries, using the listen-on option
> > for your local lan subnet. 
> 
>  For those in tune with bugtraq and everything else nowadays, what is the
> minimum safe level for bind? I thought I heard that there was a hiccup with
> the first fix or something. I have bind-8.2.3-0.5.x.i386.rpm installed on my
> soon to be upgraded dns server and I'm hoping this is good enough for the
> interim.
> 
> -- 
>    Mike Loseke    | If at first you don't succeed,
>  mike at verinet.com | increase the amperage.
> _______________________________________________
> NCLUG mailing list
> NCLUG at nclug.org
> http://www.nclug.org/mailman/listinfo/nclug
> 
> 



More information about the NCLUG mailing list