Security Incidents mailing list archives
Logging named version requests
From: "Osvaldo J. Filho" <osvaldojaneri () UOL COM BR>
Date: Wed, 7 Feb 2001 22:38:44 -0300
With all these bind bug buzzing, I did a (very) small patch to (sys)log que version request for the latest 8.x.x named (8.2.3-REL). It can be found at http://brsec.xnext.com.br/named-patch.tgz. I think this is really important to keep a eye on intruders looking for vulnerable servers on your network. A example of the output on my /var/log/messages looks like: Feb 7 21:42:19 kbyte named[12434]: ALERT: Version requested from 10.0.0.1. Answering 8.2.3-REL Thank you for the time. --- Osvaldo J. Filho osvaldojaneri () uol com br Unix Security Specialist The Omega Project (Secure Linux) Coordinator http://omegaproject.cjb.net BrSec Coordinator ---
Current thread:
- Logging named version requests Osvaldo J. Filho (Feb 06)
- Re: Logging named version requests Nicolas GREGOIRE (Feb 07)
- <Possible follow-ups>
- Re: Logging named version requests Luke Dudney (Feb 06)