jrhett at netconsonance.com
Mon Jun 13 19:42:15 UTC 2011
On Jun 13, 2011, at 2:21 AM, Jim Reid wrote:
> First the people who need to do something about old, buggy versions will not see these warnings or do anything about them. They won't be checking their logs. Or know how to switch on this bugfix check. [It would be configurable, right?] These guys already don't visit the ISC web site for info about vulnerabilities or read any of the lists where announcements get made about a security problem. Expecting them to read and act on a message in the name server logs seems optimistic and/or naive. Unless the server refuses to run until it gets upgraded. Which introduces another set of nasties...
There are many people/teams with well-running systems and active logsurfers looking for important messages, who are sufficiently overloaded to not remember to check the ISC website (or look in their mailing list folder) weekly or even monthly. The generation of this message could help get systems updated much more quickly during an outbreak.
Paul: I like this idea and I think it should check daily or be configurable for such.
Net Consonance : consonant endings by net philanthropy, open source and other randomness
More information about the bind-workers