Re: root name server corruption, denial of service prob

[markk () internic net (Mark Kosters)]

> I was told that internic database had a corruption, someone fell asleep on
> their keyboard or something, anyway point is there are inaccurate records
> in there that need to be fixed up. I fyou depend on reverse lookups not
> lying to allow acces then you can get a denial of service.

Not quite true. A number of the root name servers (outside of our
control) allowed recursion and got infected with bad data which
in turn aided in spreading it to other non-recursive servers. The roots
have since been fixed. We put in a patch to help aid in stopping this.

> Restarting your nameserver should fix things, but if your BIND is pre 4.9
> then it might be harder to get rid of the problems. It'd be a good idea to
> upgrade asap to BIND 4.9.2-940221. This should fix any refresh probs.

Bind 4.9.2-940221 is a bad idea especially for busy servers since
it has a file descriptor leak. 4.9.3 is much better (now in beta).
Here is info on where to get it:

# Getting the bits is tricky.  If you have 4.9.3-BETA7 PATCH1, you only need to
# apply PATCH2 (included below).  If you don't have BETA7 PATCH1 running, you
# need to get them and then apply PATCH2 (see below).  The files are all on
# ftp.uu.net:~ftp in an unreadable directory called /private/bind:
# 
# -rw-rw-r--  1 vixie    archive   1289153 Jul 11 03:56 bind-4.9.3-BETA7.tar.gz
# -rw-rw-r--  1 vixie    archive     24196 Jul 19 18:56 b7p1
# -rw-rw-r--  1 vixie    archive      7023 Jul 19 18:56 b7p2

Mark

-- 

Mark Kosters              markk () internic net        +1 703 742 4795
Software Engineer   InterNIC Registration Services