[NCLUG] Script Kiddies - BIND 8.2.2 exploit

Mike Loseke mike at verinet.com
Tue Feb 20 14:08:09 MST 2001


Thus spake Quent:
> Version 9.1 is the latest, "fixed" cool version. It has some nice new
> features, such as "views", where you can set up and internal and external
> DNS with one named instance.

 Sweet, been looking for this for a few years now. :-)

> Version 8.2.3 is the latest release of BIND 8 with security fixes, so
> you should be okay.

 I was asking only because this particular RPM is of a slightly lower rev
than the one for the for redhat 7.0 update (I think it's a 1.0 rev).

 Thanks!


> I'm going by ISC's versions and not any RPM release numbers.
> 
> 	Quent
> 
> 
> On Tue, Feb 20, 2001 at 09:55:55AM -0700, Mike Loseke wrote:
> > Thus spake John L. Bass:
> > > Hi Guys,
> > > 
> > > For those that haven't closed the BIND/named 8.2.2 exploit yet, better get with
> > > it. The script kiddies hit 3 of the machines on the CWX network this last week.
> > > 
> > > Upgrading to 8.2.3 bits is one fix, blocking access with ipchains another, or
> > > for machines not externally serving zone/DNS entries, using the listen-on option
> > > for your local lan subnet. 
> > 
> >  For those in tune with bugtraq and everything else nowadays, what is the
> > minimum safe level for bind? I thought I heard that there was a hiccup with
> > the first fix or something. I have bind-8.2.3-0.5.x.i386.rpm installed on my
> > soon to be upgraded dns server and I'm hoping this is good enough for the
> > interim.


-- 
   Mike Loseke    | If at first you don't succeed,
 mike at verinet.com | increase the amperage.



More information about the NCLUG mailing list