bind 9 goes rogue and revert zone information
Alberto Colosi
alcol at hotmail.com
Tue Feb 7 22:31:55 UTC 2017
lucky you say
zombie host and hijacked resourced poisoned DNS are not an hack
In years as Security Desk Seat I had at leat one attack from zombie hosts from a US University. Admins even not known was hacked.
Target of hackers is not only credit cards or other so valuable things. Even only a zombie host is a valuable item for them.
________________________________
From: bind-users <bind-users-bounces at lists.isc.org> on behalf of Alan Clegg <alan at clegg.com>
Sent: Tuesday, February 7, 2017 10:48 PM
To: bind-users at lists.isc.org
Subject: Re: bind 9 goes rogue and revert zone information
On 2/7/17 8:42 AM, Alberto Colosi wrote:
> IP ports not open does not mean is not hacked.
>
> a vulnerability can be used to make a change or an access
Occam's razor... if you were a hacker and broke into someone's DNS
server, would the thing that you focus on be resetting the data every 24
hours?
This isn't a hack, this is a screwed up backup/restore or virtualization
configuration.
Don't waste time chasing ghosts.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20170207/c6fc543c/attachment.html>
More information about the bind-users
mailing list