|
Bugtraq
mailing list archives
Re: root name server corruption, denial of service prob
From: markk () internic net (Mark Kosters)
Date: Thu, 21 Jul 1994 12:09:25 -0400 (EDT)
I was told that internic database had a corruption, someone fell asleep on
their keyboard or something, anyway point is there are inaccurate records
in there that need to be fixed up. I fyou depend on reverse lookups not
lying to allow acces then you can get a denial of service.
Not quite true. A number of the root name servers (outside of our
control) allowed recursion and got infected with bad data which
in turn aided in spreading it to other non-recursive servers. The roots
have since been fixed. We put in a patch to help aid in stopping this.
Restarting your nameserver should fix things, but if your BIND is pre 4.9
then it might be harder to get rid of the problems. It'd be a good idea to
upgrade asap to BIND 4.9.2-940221. This should fix any refresh probs.
Bind 4.9.2-940221 is a bad idea especially for busy servers since
it has a file descriptor leak. 4.9.3 is much better (now in beta).
Here is info on where to get it:
# Getting the bits is tricky. If you have 4.9.3-BETA7 PATCH1, you only need to
# apply PATCH2 (included below). If you don't have BETA7 PATCH1 running, you
# need to get them and then apply PATCH2 (see below). The files are all on
# ftp.uu.net:~ftp in an unreadable directory called /private/bind:
#
# -rw-rw-r-- 1 vixie archive 1289153 Jul 11 03:56 bind-4.9.3-BETA7.tar.gz
# -rw-rw-r-- 1 vixie archive 24196 Jul 19 18:56 b7p1
# -rw-rw-r-- 1 vixie archive 7023 Jul 19 18:56 b7p2
Mark
--
Mark Kosters markk () internic net +1 703 742 4795
Software Engineer InterNIC Registration Services
 By Date 
By Thread
Current thread:
- Re: yes, there's another hole in BIND, (continued)
Re: Wall and talkd pass binary data Paul Robinson (Jul 20)
Re: Wall and talkd pass binary data Richard Huddleston (Jul 20)
Re: Wall and talkd pass binary data a.e.mossberg (Jul 21)
|
Intro
