Some servers respond with wrong IP address for my domain

Brian Salomaki brian at gambitdesign.com
Fri Oct 5 19:56:35 UTC 2001


On Friday 05 October 2001 02:05 pm, Will Yardley wrote:
> Nate Campi wrote:
> > Get a good monitoring system like Mon
> > (http://www.kernel.org/software/mon) that will check that your serials
> > match. That way you don't have to roll your own.
>
> although the weird thing in this case is that the serials did match; i
> think that one of the machines just had incorrect cache information.

I'd guess that the zonefile was updated without updating the serial, since 
the serial was still 1.

>
> my guess is that a newer version of bind would be less susceptible to
> this sort of poisoning, no?
>
> jazz% dig version.bind ch txt @newjersey.websoft.com. +sh
> "8.2.2-P5"
> jazz% dig version.bind ch txt @vermont.websoft.com. +sh
> "8.2.2-P5"
>
> in any event unless this is a vendor patched version of bind that's
> completely patched of the various security holes in that version (and in
> fact even if it is), i'd highly recommend upgrading.
>
> you might also consider restricting axfr from outside your network.
>
> w

-- 
Brian Salomaki
Gambit Design Internet Services
110 E. State St., Suite 18, Kennett Square, PA 19348
DNSbox: http://gambitdesign.com
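
An added example, not part of the original message or of Mon: the thread's point is that a serial-only check passes when a zone file is edited without bumping the serial, so this sketch compares record data as well as the SOA serial across servers. The server names, zone and addresses are constructed, and the input is assumed to be `dig +noall +answer` style lines collected from each authoritative server.

```python
from collections import defaultdict

# Constructed answer lines per authoritative server (hypothetical names and
# documentation addresses). Both servers report serial 1, but the A record differs.
SAMPLE = {
    "ns1.example.net": """\
example.com.     86400 IN SOA ns1.example.net. hostmaster.example.com. 1 10800 3600 604800 86400
www.example.com. 86400 IN A 192.0.2.10
""",
    "ns2.example.net": """\
example.com.     86400 IN SOA ns1.example.net. hostmaster.example.com. 1 10800 3600 604800 86400
www.example.com. 86400 IN A 198.51.100.7
""",
}

def parse_answers(text):
    """Return (soa_serial, {(owner, rtype): set of rdata}) from dig answer lines."""
    serial, records = None, defaultdict(set)
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[2] != "IN":
            continue  # skip blank lines and dig's ';' comment lines
        owner, rtype, rdata = fields[0].lower(), fields[3], fields[4:]
        if rtype == "SOA":
            serial = int(rdata[2])  # SOA rdata order: mname rname serial ...
        else:
            records[(owner, rtype)].add(" ".join(rdata))
    return serial, dict(records)

def audit(per_server):
    """Classify zone state across servers by serial first, then by record data."""
    parsed = [parse_answers(text) for text in per_server.values()]
    serials = {serial for serial, _ in parsed}
    datasets = {
        tuple(sorted((key, tuple(sorted(vals))) for key, vals in recs.items()))
        for _, recs in parsed
    }
    if len(serials) > 1:
        return "serial-mismatch"             # what a serial-only monitor catches
    if len(datasets) > 1:
        return "same-serial-different-data"  # zone edited without a serial bump
    return "consistent"

if __name__ == "__main__":
    print(audit(SAMPLE))
```
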

