[bind] Re: The worst thing about the exploit -- Have you done your part?

[Evan Hunt]

> Is un-patched recursion at ANY point dangerous or just external  
> recursion?

ANY un-patched recursion is dangerous.  Patch your recursive servers or
switch them off, as soon as possible.

An attacker doesn't need to be able to do recursive queries on your server
directly; all s/he has to do is convince one of your users to look up a
given address.  Sending an email containing a website link will get the
job done nicely.

-- 
Evan Hunt -- evan_hunt at isc.org
Internet Systems Consortium, Inc.