named dying
Michael Bryan
bind at ursine.com
Mon Jul 3 19:05:30 UTC 2000
keith at mail.telestream.com wrote:
>
> I have named running non-root on a linux machine and it runs great with
> one exception. From time to time, without named shutting down, it simply
> stops answering queries.
Does it log any messages to syslog? Is it still listening on port 53?
(The "netstat -an" command should tell you what ports are active.)
You say you're running version 8.2. There are known security problems
in that version that allow outside users to break into your system as
the UID/GID that named is running as. You should upgrade to 8.2.2-P5,
and assume that somebody has broken into your system. Such a breakin,
or at least a breakin attempt, might explain the lockups you're seeing.
(They might have gained root access as well, if they were able to
leverage
a named.named breakin to run a local-root exploit on your system.)
See this page for info on the vulnerabilities in older versions of BIND:
http://www.isc.org/products/BIND/bind-security-19991108.html
More information about the bind-users
mailing list