Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Compromised...

From: jkrage () BUSER NET (Joshua Krage)
Date: Tue, 8 Feb 2000 18:22:58 -0500

On Mon, Feb 07, 2000 at 11:15:05PM -0500, Jon Lewis wrote:

mentioned rpms), you really need to keep up with Red Hat's security
updates or this will happen again.


Has anyone else noticed problems with Redhat updates?  The perception
that I've had since 6.1 was released is that updates for earlier releases
have stagnated.  And, even for 6.1, updates appear to be behind the times.

Case in point (and going back to the thread), the /latest/ RPM from
updates.redhat.com/6.1/i386 for BIND is labelled bind-8.2.2-P3.

And isc.org recommends 8.2.2-P5.

I understand, in this particular instance, why its that way (the difference
between P3 and P5 is a bug in named-xfer; no security updates), but it
hampers the easy "stay up-to-date" by upgrading to the latest releases
whenever they come out.  Its hard to tell your community 'make sure you
upgrade to BIND 8.2.2-P5', or even 'upgrade to the latest vendor release',
because now either statement will cause confusion when users compare
notes.

Enough ranting.

Adding something useful to the thread; one of my clients has experienced
the recent spate of BIND exploits.  It was preceded by a very fast
DNS inverse query scan, which presumably identified the targets for
the attackers.
Previous By Date Next
Previous By Thread Next

Current thread: