KAMINSKY vulnerability !!

P.A razor at meganet.net
Mon May 10 14:19:33 UTC 2010


I think I see what the issue is,

 

http://www.kb.cert.org/vuls/id/725188

 

I was asking about kaminsky because I wasn't sure if I had previously
upgraded to fix that fix, which seems like I had and the problem is
something different. 

 

From: P.A [mailto:razor at meganet.net] 
Sent: Monday, May 10, 2010 10:06 AM
To: 'bind-users at lists.isc.org'
Subject: KAMINSKY vulnerability !!

 

Hi, list.

 

Today I came in and both my name server stopped answering queries. I
restarted the servers a couple of times and they are now up. I have posted
the primary/slave look below. My question is did I just get rid by the
kaminsky vulnerability? if so how can I determined what host caused this if
its possible. The last thing what version should I upgrade to?

 

Thanks, Paul.

 

Primary server: BIND 9.4.3b2

 

May 10 08:37:06 ns1 named[4388]: client 69.7.14.195#12898: RFC 1918 response
from Internet for 22.98.168.192.in-addr.arpa

May 10 08:37:09 ns1 named[4388]: client 69.7.14.195#12899: RFC 1918 response
from Internet for 22.98.168.192.in-addr.arpa

May 10 08:37:11 ns1 named[4388]: resolver.c:5494: REQUIRE((((query) !=
((void *)0)) && (((const isc__magic_t *)(query))->magic == ((('Q') << 24 |
('!') << 16 | ('!') << 8 | ('!')))))) failed

May 10 08:37:11 ns1 named[4388]: exiting (due to assertion failure)

 

May 10 09:22:12 ns1 named[5020]: client 76.119.98.131#3941: updating zone
'xxxxx.com/IN': update unsuccessful: MATTLAPTOP.quakerfabric.com/A: 'RRset
exists (value dependent)' prerequisite not satisfied (NXRRSET)

May 10 09:22:12 ns1 named[5020]: client 76.119.98.131#3944: update
'xxxxx.com/IN' denied

May 10 09:22:15 ns1 named[5020]: resolver.c:5494: REQUIRE((((query) !=
((void *)0)) && (((const isc__magic_t *)(query))->magic == ((('Q') << 24 |
('!') << 16 | ('!') << 8 | ('!')))))) failed

May 10 09:22:15 ns1 named[5020]: exiting (due to assertion failure)

 

 

Secondary server: BIND 9.4.3b2

 

May 10 08:37:06 ns1 named[11422]: resolver.c:5494: REQUIRE((((query) !=
((void *)0)) && (((const isc__magic_t *)(query))->magic == ((('Q') << 24 |
('!') << 16 | ('!') << 8 | ('!')))))) failed

May 10 08:37:06 ns1 named[11422]: exiting (due to assertion failure)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100510/e17f8ed7/attachment.html>


More information about the bind-users mailing list