DNS Cache Snooping?
atkac at redhat.com
Tue Jun 24 13:55:57 UTC 2008
On Tue, Jun 24, 2008 at 09:34:57AM -0400, Jeff Lightner wrote:
> Thanks. I'd pretty much come to that conclusion based on my searches.
> I guess that means the link even though it is on ISC's site is
> Current RHEL5 bind-chroot (and other bind packages) version is
> 9.3.4-6.P1.el5. It was updated within the last month. It includes a
> fix for CVE-2008-0122. I had installed a new server a week or so ago
> and got this in the yum update. Yesterday I updated my other server to
> this version specifically because there was a scan hit on CVE-2008-0122.
> That scan was based on BIND version so would still peg this but the
> details at RHN confirm the fix was added by RedHat to the 9.3.4-6 P1.
> Does setting max-cache-ttl to a low value instead help remediate the
> DNS cache snooping?
Did you try setting "recursion no;" in your external view? I didn't test
it but it might help.
Adam Tkac, Red Hat, Inc.
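
For reference, a split-view named.conf sketch of the "recursion no;" suggestion in the reply above. This is an added example, not configuration from either poster; the ACL name, networks, zone names and file paths are placeholders, and like the suggestion itself it has not been tested against the 9.3.4-6.P1.el5 package.

```conf
// Constructed example: every name, network and path below is a placeholder.

// Clients that are allowed to use this server as a recursive resolver.
acl "trusted" { 127.0.0.1; 192.0.2.0/24; };

options {
    directory "/var/named";
};

// Views are matched in order, so the restricted client list comes first.
view "internal" {
    match-clients { "trusted"; };
    recursion yes;
    allow-recursion { "trusted"; };

    zone "." IN { type hint; file "named.ca"; };
    zone "example.com" IN { type master; file "internal/example.com.zone"; };
};

// Everyone else lands here and gets authoritative data only.
// Each view keeps its own cache by default, so lookups made on behalf of
// "internal" clients do not populate anything this view can return.
view "external" {
    match-clients { any; };
    recursion no;
    // Do not pad the additional section of responses with cached records.
    additional-from-cache no;

    zone "example.com" IN { type master; file "external/example.com.zone"; };
};
```

Once any view is defined, every zone statement has to live inside a view; named-checkconf will flag a stray one before named is reloaded. From an address outside the "trusted" ACL, a `dig +norecurse` query for a name the server is not authoritative for should then come back without an answer section.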