DNS cache poisoning attacks

Mark Andrews Mark_Andrews at isc.org
Tue Aug 26 01:17:29 UTC 2008


> Hello,
>             As recommended, I've upgraded my DNS server to the version BIND 9
> .5.1b1 <http://www.isc.org/sw/bind/view?release=9.5.1b1> . But I still have t
> he message indicating that my server is still vulnerable 
>  
> # dig @192.168.2.3 +short porttest.dns-oarc.net txt
> Porttest.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
> "192.168.2.3 is POOR: 26 queries in 6.4 seconds from 1 ports with std dev 0"
>  
> Is there anything that I've missed?

	Removing the port from the query-source directive in named.conf.

> Best Regards,
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org


More information about the bind-users mailing list