Re: DNS Injection Problem

["Blade Runner" <blade () seven com br>]

> Do you have bind interacting with a windows Active Directory Setup
> which allows clients to update / modify DNS in bind?

No we don't have this kind of service running ...yet.

> > Web Server: apache 1.3.27 + php-4.3.1 + SquirrelMail 1.4.0
>
> Squirrel Mail has had quite a number of security problems in the past,
> Have you kept on top of the patches and updates for it in the past?
> Danny
> Network Security Engineer

Yes, I thought about that either, I am looking in SquirrelMail mailing
list for this version's bugs and checking the PHP configuration.
By now I redirected the webmail sevice to another machine.

Thanks for the advice.




-- 
Blade Runner - Squirrel Mail
Linux Powered
ICQ 40959703
http://www.seven.com.br

----------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the 
world's premier event for IT and network security experts.  The two-day 
Training features 6 hand-on courses on May 12-13 taught by professionals.  
The two-day Briefings on May 14-15 features 24 top speakers with no vendor 
sales pitches.  Deadline for the best rates is April 25.  Register today to 
ensure your place. http://www.securityfocus.com/BlackHat-incidents 
----------------------------------------------------------------------------