nanog mailing list archives
Re: DNS Headaches.
From: Marc Slemko <marcs () znep com>
Date: Fri, 14 Aug 1998 23:44:25 -0700 (PDT)
On Sat, 15 Aug 1998, David R. Conrad wrote:
Hi,Oh, and make everyone upgrade their version of BIND. Unfortunately, far too many people refuse even when they know their whole world can be messed up by a broken nameserver or two unless they upgrade.Yeah. What he said. Upgrade. Please. See http://www.cert.org/advisories/CA-98.05.bind_problems.html for a few good reasons.
To summarize for lazy people (since others would have upgraded already...): your DNS is vulnerable to manipulation (both on purpose and by accident; this is _NOT_ some rare thing, but happens more and more), the machine you run BIND on is vulnerable to root compromises, your job is vulnerable. While we are on the topic, are there any known cache pollution problems with 4.9.7 that are fixed in 8.x? I had thought that those problems were fixed in 4.9.7 but I keep think I seeing other people's 4.9.7 machines vulnerable to them.
Current thread:
- DNS Headaches. max (Aug 14)
- Re: DNS Headaches. Marc Slemko (Aug 14)
- Re: DNS Headaches. David R. Conrad (Aug 17)
- Re: DNS Headaches. Marc Slemko (Aug 15)
- Re: DNS Headaches. David R. Conrad (Aug 17)
- Re: DNS Headaches. David R. Conrad (Aug 17)
- Re: DNS Headaches. Marc Slemko (Aug 14)
- Re: DNS Headaches. Craig A. Huegen (Aug 14)
- Re: DNS Headaches. Ryan K. Brooks (Aug 17)
- Re: DNS Headaches. Craig A. Huegen (Aug 15)
- Re: DNS Headaches. Ryan Brooks (Aug 17)
- Re: DNS Headaches. Paul Vixie (Aug 17)
- Re: DNS Headaches. Ryan K. Brooks (Aug 17)
- <Possible follow-ups>
- Re: DNS Headaches. Sean Donelan (Aug 15)
- Re: DNS Headaches. max (Aug 17)
- Re: DNS Headaches. Mathias Koerber (Aug 18)