Re: named config
- From: Tony van der Hoff <news@xxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 29 Jul 2008 18:38:27 +0100
On 29 Jul at 17:31 Chris Davies <chris-usenet@xxxxxxxxxxxx> wrote in message
<q7t3m5x054.ln2@xxxxxxxxxxxxxxxxx>
Tony van der Hoff <news@xxxxxxxxxxxxxxxxxxxxx> wrote:[snip]
For any named gurus out there, I'm running BIND9 as a caching nameserver
under Debian etch.
As an important side issue to your actual question, please make sure that
you upgrade it ASAP. You may (or may not) have read about the DNS exploits
that are being talked about right now, but essentially it allows attackers
to poison one's DNS cache so that names map to the wrong IP addresses.
(Can you say bank website spoofing?)
Aye:
bind9 (1:9.3.4-2etch3) stable-security; urgency=high
* Randomize UDP query source ports to improve forgery resilience.
(CVE-2008-1447)
-- LaMont Jones <lamont at debian dot org> Sun, 06 Jul 2008 19:19:53 -0600
Debian's pretty good with security patches, and I've got automatic
notification enabled. Thanks for the reminder!
--
Tony van der Hoff | mailto:news_0711@xxxxxxxxxxxxxx
Buckinghamshire, England
.
- References:
- named config
- From: Tony van der Hoff
- Re: named config
- From: Chris Davies
- named config
- Prev by Date: Response from Southern Electric
- Next by Date: Re: Is my old RedHat computer doomed?
- Previous by thread: Re: named config
- Next by thread: Re: named config
- Index(es):
Relevant Pages
|
