Security Incidents mailing list archives
dns attacks
From: M ixter <mixter () 2XS CO IL>
Date: Mon, 25 Sep 2000 18:20:04 +0200
lately, I've heard some rumours, unconfirmed however, about exploitation of an overflow in nameservers different from the old one, in older bind8 versions. as I couldn't confirm this in the source, maybe finding out if there are any active exploitation attempts of this bug might help to determine if it's a valid issue... if anyone running a secure/patched bind8 name server has recently experienced the following syslog message: Sep 25 18:12:25 host named[390]: bad iquery from <ip.address> ..it'd be interesting to hear about it. ---------------------------------------------------------- Mixter <mixter () 2xs co il>, 2xs LTD. http://www.2xs.co.il
Current thread:
- dns attacks M ixter (Sep 25)
- Re: dns attacks Michal Zalewski (Sep 25)