* Re: MAJOR SECURITY HOLE IN BIND!!
From: Dan Foster @ 2000-03-26 22:46 UTC (permalink / raw)
To: Brian; +Cc: sterwill, linuxppc-dev, dsf
Hot Diggety! Brian was rumored to have wrote:
>
> It looks like there is a vulnerability in bind that allows a
> malicious user to gain root access through bind by exploiting something
> called the "NXT" bug...Artifacts of this break in are the empty folder
> ADMROCKS in /var/named....
Actually, this has been known for some months now :) Stuff like this is
why the ISC put out the latest version of BIND being 8.2.2-P5. Publicly known
since November 10, 1999.
> All users should upgrade their BIND to the latest version to
> avoid the hassle and frustration that I will/have gone through...
Agreed. I'm sorry you went through that nasty experience.
That said, part of the responsibility of running daemons that make services
accessible to the internet - be it X, lpd, mountd, sendmail, named, etc. -
one simply has to keep up with security patches by periodically re-checking
for them or subscribing to security mailing lists. A bothersome responsibility,
but unavoidable in today's age of cyber-scumbags.
Also, a firewall will help a lot if properly configured, but can still be
tricked under certain circumstances - so it's only one of multiple avenues
for attacking the problem of cyber-scumbags; securing all applications and
systems on the internal network counts, too.
You might want to also look into using Abacus's PortSentry (freeware) to
actually *monitor* for possible attacks - it can then immediately fire off
mail, page someone, add host to ipchains blacklist, etc. Very nice stuff.
http://www.psionic.com/
*topic change*
My apologies for the absence of linuxppc content, except to say that I hope
to be trying out the LinuxPPC 2000 stuff soon. The installer alone is exactly
what I expected from LinuxPPC 1999 :) In fact, from what I've heard about
the new installer...I think it'll help encourage some more people that I
know to give it a shot since the pdisk stuff *really* scared them off - not
to mention heavy swapping+slow startup for X (for the install stuff).
I don't have the in-depth knowledge needed to contribute to the dev stuff
here, but have been reading the PCI and X stuff lately with much interest.
-Dan
** Sent via the linuxppc-dev mail list. See http://lists.linuxppc.org/