BIND Crashing

Michael Vincent K. Pozon - CompE vince at trinity.cebu.pilnet.com
Mon Apr 10 03:44:25 UTC 2000 

try upgradint the the latest stable release .. 8.2.2-P5 .. 
you're probably hit by an exploit or something ..

goto http://www.isc.org/bind for details about the exploits and it's
symtoms 


On Sun, 9 Apr 2000, Garry wrote:

> 
> 
> 
> Hello,
> 
> For some reason my BIND v 8.2.2 P3 keeps crashing on me. Just the daemon,
> not the whole machine. Although, once before the machine has crashed
> recently which could be caused by it. I am now running bind in debug mode to
> see if I can catch what else may be crashing it. I am running RedHat 6.0 and
> bind 8.2.2 P3, kernel 2.2.14+solar designers/openwall patch. Any Ideas of
> what could be causing this problem? I will paste below logs from messages
> when this happened.
> 
> COM'9 16:00:15 ns named[27861]: Lame server on
> 'Clinton.TitanInternational.com' (in 'TITANINTERNATIONAL.com'?):
> [216.73.223.25].53 'NS1.DSTREAM.NET's named[27861]: Lame server on
> 'Clinton.TitanInternational.com' (in 'TITANINTERNATIONAL.com'?):
> [199.1.77.2].53 'NS1.PACKET.NET'24 ns named[27861]: ns_resp:
> query(vip-tl.proxy.aol.com) All possible A RR's lame
> Apr  9 21:02:04 ns dhcpd: DHCPDISCOVER from 00:05:9a:a0:d0:39 via eth0
> Apr  9 21:02:05 ns dhcpd: DHCPOFFER on 216.73.223.152 to 00:05:9a:a0:d0:39
> via eth0
> Apr  9 21:02:05 ns dhcpd: DHCPREQUEST for 216.73.223.152 from
> 00:05:9a:a0:d0:39 via eth0
> Apr  9 21:02:05 ns dhcpd: DHCPACK on 216.73.223.152 to 00:05:9a:a0:d0:39 via
> eth0
> Apr  9 21:02:26 ns xntpd[741]: recvfrom() fd=6: Connection refused
> Apr  9 21:13:27 ns dhcpd: DHCPRELEASE of 216.73.223.152 from
> 00:05:9a:a0:d0:39 via eth0 (found)
> Apr  9 21:19:30 ns xntpd[741]: recvfrom() fd=6: Connection refused
> Apr  9 16:25:01 ns kernel: free_one_pmd: bad directory entry 00000020
> 
> Could possible this kernel message be a problem?
> 
> Nothing has really changed recently that would be causing this. I am now
> running previous kernel, and the process still died.
> 
> Also, I dont really know how to use the gdb command to well, but here is
> some of the output
> 
> ns:# gdb /usr/sbin/named core
> GNU gdb 4.17.0.11 with Linux support
> Copyright 1998 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you are
> welcome to change it and/or distribute copies of it under certain
> conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB.  Type "show warranty" for details.
> This GDB was configured as "i386-redhat-linux"...(no debugging symbols
> found)...
> Core was generated by `named'.
> Program terminated with signal 11, Segmentation fault.
> Reading symbols from /lib/libc.so.6...done.
> Reading symbols from /lib/ld-linux.so.2...done.
> #0  0x805b3d8 in strcpy ()
> (gdb) where
> #0  0x805b3d8 in strcpy ()
> #1  0xbfffdc60 in ?? ()
> #2  0x392c98 in ?? ()
> #3  0x7c64d87d in ?? ()
> 
> 
> 

--
m  i  c  h  a  e  l   v  i  n  c  e  n  t   p  o  z  o  n
          ::  mikevince at netexecutive.com  ::
---------------------------------------------------------------
HPS Software & Communication Corp.     ICQ : 1413343
Pilipino Internet Cebu              office : (+63)(32) 3447847
Systems/Network Administrator       home   : (+63)(32) 3446427
- - - - - - - - - - - - - - - - - - cell   : (+63) 917-3276966
 - - - - - - - - - - - - - - - - -  http://mikevince.tripod.com

More information about the bind-users mailing list