Root Name Servers won't respond to named.
milton at calnek.com
milton at calnek.com
Tue Mar 27 22:35:19 UTC 2001
In message <p0510081bb6e6bb56c515@[194.78.241.123]>, Brad Knowles writes:
> At 10:52 AM -0700 3/27/01, milton at calnek.com wrote:
>
> > I'm reluctant to upgrade beyond what comes from redhat. I don't
> >belive that's
> > what the problem is. I was previously at 8.2.2 and all of a sudden
> >it stopped
> > working.
>
> Problem is, BIND 8.2.2 has a root compromise that means anyone in
> the world can own your machine in nanoseconds. There's even a Linux
> "worm" going around that will automatically compromise any vulnerable
> machine it encounters. See
> <http://www.securityfocus.com/templates/headline.html?id=10851> and
> <http://www.securityfocus.com/bid/2302>. Note that the latter is
> dated January 29, 2001.
>
> Obviously, you're one of the sites that would be compromised by
> the Linux Lion Worm (and probably already has been), since you didn't
> apply the update to your machines when the problem was first
> published in January.
No, I don't believe so... I'm familiar with the worm as it has affected
other machines I know about and I have cleaned up afer it. I did one
clean up by giving instructions over the phone, as I would not login because
hte host did not have ssh. I don't believe that I'm subject to
this problem as my named is behind a masquared firewall. There is no direct
access from the internet to my named.
>
>
> I still suggest getting at least 8.2.3-REL and installing it on
> your machines, if not trying the latest release candidate for 9.1.1
> (currently at 9.1.1rc7). Ideally, you'd also download the source
> code and compile it for yourself, because you can't be sure that the
> binary RPMs you download have not themselves been trojaned.
> --
> Brad Knowles, <brad.knowles at skynet.be>
>
> /* efdtt.c Author: Charles M. Hannum <root at ihack.net> */
> /* Represented as 1045 digit prime number by Phil Carmody */
> /* Prime as DNS cname chain by Roy Arends and Walter Belgers */
> /* */
> /* Usage is: cat title-key scrambled.vob | efdtt >clear.vob */
> /* where title-key = "153 2 8 105 225" or other similar 5-byte key */
>
> dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'
--
Milton Calnek
milton at calnek.com
TTI: +1 403 870 8479 milton at tti-telecom.com
www.tti-telecom.com
GCS d- s:+ a- C++$ ULH+++$ P+++ L+++ E--- W-- N o? K w O? M+
V- PS++ PE Y+ PGP->+ t+ !5 X+ R tv b+ DI++ !D G>++++ e++
h--- r+++ y+++
More information about the bind-users
mailing list