BIND unappproved updates
Thomas Kellar
tkellar at fsp.fsp.com
Tue Feb 13 22:11:40 UTC 2001
Thanks for the response. I am running 8.2.2P5 and I know I need
to update (to 8.2.3) but I do the systems I get paid for before my own
system.
The _source_ of the updates is another network that has an unresponsive
abuse email address. I finally got their attention by sending email to
their corporate personnel. (Though they have not stopped as of 17:06 EDT)
I'd really like to know how someone misconfigures and gets my unique
domain name into their W2K computer and starts sending me updates. It
scares me that these built-in-DOS enabled computers are plugging into the
Internet and Microsoft cares not but for the money it gets.
Thomas
--
w8twk Freelance Systems Programming http://www.fsp.com
On Wed, 14 Feb 2001 Mark.Andrews at nominum.com wrote:
> Q: I have "unapproved update" messages. How do I stop these.
> A: This indicates that you have a old version of named with known
> security flaws, see http://www.isc.org/products/BIND/bind-security.html.
> If you know that this is not a problem, i.e. your vendor has shipped you
> a patched version, them apply the "denied update" solution below.
> Q: I have "denied update" messages. How do I stop these.
> A: These are better stopped at the source. The following link has
> instructions on how to disable dynamic updates on Windows 2000 and
> MacOS 9. http://www.domainregistry.ie/tech/dynamic-dns.html
More information about the bind-users
mailing list