DNS exploit code is in the wild
Nelson Serafica
ntserafica at yahoo.com
Fri Jul 25 01:22:41 UTC 2008
Thanks Jeremy,
I have downloaded the file bind-9.5.0-P1.tar.gz and do configure && make && make install.
Installation was successful. However, when I query the version of bind, it shows:
[root at ns1-rproxy bind-9.5.0-P1]# /usr/local/named/sbin/named -v
BIND 9.2.3
I restart named (/etc/init.d/named restart) but still not yet updated. I have do also rndc reload as well but still the old version.
Is there a way I can verify that the new bind is already running?
Many thanks,
Regards,
Nelson
----- Original Message ----
From: Jeremy C. Reed <Jeremy_Reed at isc.org>
To: Nelson Serafica <ntserafica at yahoo.com>
Cc: bind-users at isc.org
Sent: Friday, July 25, 2008 8:52:51 AM
Subject: Re: DNS exploit code is in the wild
On Thu, 24 Jul 2008, Nelson Serafica wrote:
> This new has been lurking in the Internet. One of our DNS running bind
> seems got a POOR score. Does anyone knows a patch how to make bind
> listen to random port for any query.
Please visit the ISC BIND website at http://www.isc.org/
http://www.isc.org/sw/bind/bind-security.php has details.
> This seems a critical and needs some attention. I'm new to this lists so
> if there's already a solution, please advise it again.
Also please join the bind-announce mailing list.
http://www.isc.org/sw/bind/bind-lists.php
Get your new Email address!
Grab the Email name you've always wanted before someone else does!
http://mail.promotions.yahoo.com/newdomains/ph/
More information about the bind-users
mailing list