Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: DNS server crashed

From: Steve Stearns <sterno () BIGBROTHER NET>
Date: Tue, 6 Feb 2001 22:25:38 -0600
On Tue, 6 Feb 2001, Jason Lewis wrote:


Anyone aware of exploits for the recent BIND security holes?  I had a name
server crash today.  Nothing in the logs that point to anything, it was just
down.  It is the only box I can't upgrade BIND on.  It has a funky OS
install and I need to rebuild it from scratch.  I am waiting for new boxes,
so it is low priority.


Well, I'm not exactly aware of one, but I'm suspicious of its
existance.  I had a Linux box get hacked into that only had two services
exposed to the outside world through my firewall: ssh and bind.  Bind
was vulnerable because I got lazy on that box (a situation which I have
now remedied :) ).

So, I'm very suspicious of it being a bind hack (since the same version of
ssh runs on other boxes that weren't hacked).  Either that or a
misconfiguration of my firewall which may be possible, but it didn't look
like it.

---Steve
Previous By Date Next
Previous By Thread Next

Current thread: