DNS hijacking becoming commen place

Len Conrad LConrad at Go2France.com
Sun Feb 25 11:24:22 UTC 2001



>If there was an attack on the McDonalds.co.uk name servers - don't
>believe everything you see in the papers or on the net! - it may have
>succeeded because one of those name servers is running an old version
>of BIND with known security holes. IIRC a recent posting to bugtraq
>gave the script kiddies a way of exploiting that one of those holes.
>I notice that the other name server runs BIND8.2.3. So maybe they are
>in the process of upgrading to a version that plugs the holes?

If so, they haven't finished yet.

As of midday Sunday, Paris time, still 8.2.2 p5

Len

http://BIND8NT.MEIway.com : Binary for ISC BIND 8.2.3 for NT4 & W2K
http://IMGate.MEIway.com  : Build free, hi-perf, anti-spam mail gateways



More information about the bind-users mailing list