[NCLUG] Script Kiddies - BIND 8.2.2 exploit
Quent
quent at pobox.com
Tue Feb 20 14:07:51 MST 2001
On Tue, Feb 20, 2001 at 01:55:23PM -0700, Quent wrote:
> Version 9.1 is the latest, "fixed" cool version. It has some nice new
> features, such as "views", where you can set up and internal and external
^^^^
Doh! AN !!
Quent
> DNS with one named instance.
>
> Version 8.2.3 is the latest release of BIND 8 with security fixes, so
> you should be okay.
>
> I'm going by ISC's versions and not any RPM release numbers.
>
> Quent
>
>
> On Tue, Feb 20, 2001 at 09:55:55AM -0700, Mike Loseke wrote:
> > Thus spake John L. Bass:
> > > Hi Guys,
> > >
> > > For those that haven't closed the BIND/named 8.2.2 exploit yet, better get with
> > > it. The script kiddies hit 3 of the machines on the CWX network this last week.
> > >
> > > Upgrading to 8.2.3 bits is one fix, blocking access with ipchains another, or
> > > for machines not externally serving zone/DNS entries, using the listen-on option
> > > for your local lan subnet.
> >
> > For those in tune with bugtraq and everything else nowadays, what is the
> > minimum safe level for bind? I thought I heard that there was a hiccup with
> > the first fix or something. I have bind-8.2.3-0.5.x.i386.rpm installed on my
> > soon to be upgraded dns server and I'm hoping this is good enough for the
> > interim.
> >
> > --
> > Mike Loseke | If at first you don't succeed,
> > mike at verinet.com | increase the amperage.
More information about the NCLUG
mailing list