KAMINSKY vulnerability !!

P.A razor at meganet.net
Mon May 10 14:58:52 UTC 2010


Stephane, do you think I can get away with running 9.4.3-P5 that doesn't
seem to have any known issues. Also what exploit do you think caused my
original issue?

As far as running an old version its been stable for a long time and to be
honest I forgot I was running that version.


-----Original Message-----
From: Stephane Bortzmeyer [mailto:bortzmeyer at nic.fr] 
Sent: Monday, May 10, 2010 10:24 AM
To: P.A
Cc: bind-users at lists.isc.org
Subject: Re: KAMINSKY vulnerability !!

On Mon, May 10, 2010 at 10:05:47AM -0400,
 P.A <razor at meganet.net> wrote 
 a message of 242 lines which said:

> My question is did I just get rid by the kaminsky vulnerability?

Not at all. The Kaminsky attack poisons the server, it does not crash
it.

> Primary server: BIND 9.4.3b2

Why do you run a beta version (and an old one)?

This issue is known
<http://www.mail-archive.com/bind-users@isc.org/msg00323.html> and has
been fixed in production versions a long time ago.




More information about the bind-users mailing list