ProBIND Support Forums

August 19, 2017, 05:58:16 PM *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: Due to spam issues, registration is temporarily disabled.
 
   Home   Help Search Login Register  
Pages: [1]
  Print  
Author Topic: Patch your BIND Servers  (Read 17380 times)
Michael Johnson
ProBIND Developer
Administrator
*****
Posts: 70


View Profile
« on: July 12, 2008, 08:11:56 AM »

There has been a big effort underway by security researcher Dan Kaminsky on a very bad problem with many DNS server platforms. Basically, it's a poisoning attack, and a fairly bad one from what is being said. Mr. Kaminsky will publish full details after his presentation at the Black Hat conference. A list of affected systems are in CERT VU #800113.

Note that all versions of ISC BIND are affected, but only version 9 is patched. I guess version 8 is too difficult to fix. If you still have version 8 servers, put in place a plan to upgrade to version 9. Also note that this affects servers with recursion enabled, so if you are running authoritative servers, disable recursion on them - it's a good practice anyway.

Most vendors should have updated their packages with patched ones by now, so if you use the vendor-supplied BIND, you just need to make sure you are updated. If you are running from source, you should be running 9.3.5-P1, 9.4.2-P1, or 9.5.0-P1.
Logged
Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.20 | SMF © 2013, Simple Machines