Security Incidents mailing list archives
Re: Compromised...
From: jkrage () BUSER NET (Joshua Krage)
Date: Tue, 8 Feb 2000 18:22:58 -0500
On Mon, Feb 07, 2000 at 11:15:05PM -0500, Jon Lewis wrote:
mentioned rpms), you really need to keep up with Red Hat's security updates or this will happen again.
Has anyone else noticed problems with Redhat updates? The perception that I've had since 6.1 was released is that updates for earlier releases have stagnated. And, even for 6.1, updates appear to be behind the times. Case in point (and going back to the thread), the /latest/ RPM from updates.redhat.com/6.1/i386 for BIND is labelled bind-8.2.2-P3. And isc.org recommends 8.2.2-P5. I understand, in this particular instance, why its that way (the difference between P3 and P5 is a bug in named-xfer; no security updates), but it hampers the easy "stay up-to-date" by upgrading to the latest releases whenever they come out. Its hard to tell your community 'make sure you upgrade to BIND 8.2.2-P5', or even 'upgrade to the latest vendor release', because now either statement will cause confusion when users compare notes. Enough ranting. Adding something useful to the thread; one of my clients has experienced the recent spate of BIND exploits. It was preceded by a very fast DNS inverse query scan, which presumably identified the targets for the attackers.
Current thread:
- Re: Compromised..., (continued)
- Re: Compromised... David Bernick (Feb 07)
- Re: Compromised... Japheth (Feb 07)
- Re: Compromised... Simon Britnell (Feb 08)
- Re: Compromised... technot (Feb 09)
- Re: Compromised... Sebastian (Feb 09)
- Prank phone calls related to recent break-ins? Nate Carlson (Feb 09)
- Question about event log events JF Prieur (Feb 08)
- Re: Compromised... Jose Nazario (Feb 07)
- Re: Compromised... Jim Kinney (Feb 07)
- Re: Compromised... Jon Lewis (Feb 07)
- Re: Compromised... Joshua Krage (Feb 08)
- Re: Compromised... Rich Burroughs (Feb 09)
- Re: Compromised... Lane Davis (Feb 07)
- Re: Compromised... Marianovich Felix (Feb 08)
- Re: Compromised... Sebastian (Feb 08)
- 195.0.0.0/8 Scan Source amused () POBOX COM (Feb 10)
- hacked Anton (Feb 14)
- Re: Compromised... Stephen J. Friedl (Feb 14)
- Re: Compromised... Derek Vadala (Feb 14)
- Re: Compromised... Alexandru Popa (Feb 14)