win2k & bind 8.2.2_p5 (AAAROCKS or ADMROCKS)
Mark.Andrews at nominum.com
Sat Sep 2 23:52:21 UTC 2000
> I have been trying to get a win2k server to be a secondary / slave to a Linux
> (cobalt raq3i ) machine with bind 8.2.2_p5 however no
> joy so far.
>
> In my /etc/named directory I have a directory AAAROCKS which is empty, not put
> there by me, a tad disconcerting to say the very least.
>
> I think the bind version was upgraded with OS upgrade after the said directory
> was introduced to this particular machine.
>
> So should I worry about the AAAROCKS seeing as the OS & possibly bind have been
> upgraded or given that I now use 8.2.2_p5 is there nowt to worry about. ??!!?***
It looks like your machine has been compromised in the past.
The upgrade may or may not have removed all the backdoors.
It would be wise to assume that it hasn't.
>
> Is this AAAROCKS a variant of ADMROCKS ?
Most probably.
>
> How does one check the named-xfer is working ?
By attempting to transfer a zone using it. Named-xfer is
used by the slave side, not the master side of a transfer.
So apart from testing the master it is not needed in the
described configuration.
>
> Or am I barking up the wrong tree ?
>
> Maybe the win2k dns is incompatible with bind 8.2.2_p5 ?
No, they inter-operate.
>
> I have noticed a few others seem to be ... battling , with the same issue,
> may be they've been attacked by the bind hack.
>
> Hopefully someone can put a finger on the problem ?
>
> Hopefully
> martin
> London UK
Mark
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com