Security Incidents mailing list archives

Re: DNS Bind


From: Mark Teicher <mark.teicher () NETWORKICE COM>
Date: Thu, 1 Feb 2001 08:03:34 -0800

Changing version numbers will definitely cause the actual attack from some
of the DNS version query scripts to fail, but then again changing versions
to avoid will then create a maintenance overhead for administrative staff
to go back in and change the version number back so that when one upgrades
to the next version the correct updates can be applied, and then change the
version number again.  This can be a very tiring process for each
application an administrator does this to.

It would be better if one who is discovering updates would just expend their
energy in working with software vendors to eliminate these types of bugs
from the software.

.02

/mark

At 02:57 PM 1/31/01 -0700, Somaini, Justin wrote:

One thing to do is to change the version posting in the named.conf file.
The scanner looking for sub 9.1 could be tricked.  Actual attack failing of
course.
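
Added example, not part of the original thread: a small Python check that reports whether a named.conf overrides the advertised version string through the `version` statement in its `options` block, so an inventory can flag servers whose version answer no longer reflects the installed release. The sample configuration and every value in it are constructed for illustration.

```python
import re

# Constructed sample named.conf (not from the thread); all values are made up.
SAMPLE_CONF = '''
// version "commented out";
options {
    directory "/var/named";   # working directory
    /* version "old value"; */
    version "not disclosed";
    allow-transfer { none; };
};
zone "example.com" { type master; file "example.com.zone"; };
'''

# Quoted strings are matched first so comment markers inside them survive.
COMMENT = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|[{};]|[^\s{};"]+')

def strip_comments(text):
    """Drop /* */, // and # comments, keeping quoted strings untouched."""
    return COMMENT.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else ' ', text)

def version_override(conf_text):
    """Return the version string set in the top-level options block, else None."""
    tokens = TOKEN.findall(strip_comments(conf_text))
    depth, in_options, stmt_start = 0, False, True
    for i, tok in enumerate(tokens):
        if tok == '{':
            depth, stmt_start = depth + 1, True
        elif tok == '}':
            depth, stmt_start = depth - 1, False
            if depth == 0:
                in_options = False
        elif tok == ';':
            stmt_start = True
        else:
            nxt = tokens[i + 1] if i + 1 < len(tokens) else None
            if depth == 0 and stmt_start and tok == 'options' and nxt == '{':
                in_options = True
            elif in_options and depth == 1 and stmt_start and tok == 'version' and nxt:
                return nxt[1:-1] if nxt.startswith('"') else nxt
            stmt_start = False
    return None

if __name__ == "__main__":
    value = version_override(SAMPLE_CONF)
    if value is None:
        print("version not overridden: server reports its real version")
    else:
        print("version overridden to %r: track the installed release separately" % value)
```
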

