[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Fwd: [EXPL] BIND 8.2.2-P5 DoS vulnerability(exploit, BIND_ZXFR)

Subject: Re: [cobalt-security] Fwd: [EXPL] BIND 8.2.2-P5 DoS vulnerability(exploit, BIND_ZXFR)
From: Jeff Lovell <jlovell@xxxxxxxxxx>
Date: Thu, 09 Nov 2000 15:55:19 -0800
Organization: Cobalt Networks, Inc.
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Gossi The Dog wrote:
>
> Jeff from Cobalt usually lurks here, but we haven't heard from him
> recently.  

Busy times...

> Cobalt have the mail address security@xxxxxxxxxx, if you are
> concerned.

As a measure to prevent attacks, you can add the following
to the options section in your /etc/named.conf

allow-transfer { none; };

and run /etc/rc.d/init.d/named restart

Here is the modified default named.conf:

options { directory "/etc/named"; allow-transfer { none; }; };
zone "." { type hint; file "db.cache"; };

See if that will stop it from crashing for now.  But you
will not be able to do zone transfers.  If you still need
to do zone transfers, put in the address/net to allow access.

'man named.conf' for more details.

Jeff

-- 
Jeff Lovell
Cobalt Networks, Inc.

Follow-Ups:
- Re: [cobalt-security] Fwd: [EXPL] BIND 8.2.2-P5 DoS vulnerability(exploit, BIND_ZXFR)
  - From: Gerald Waugh

References:
- Re: [cobalt-security] Fwd: [EXPL] BIND 8.2.2-P5 DoS vulnerability (exploit, BIND_ZXFR)
  - From: Gossi The Dog

Prev by Date: Re: [cobalt-security] syslog.conf Settings
Next by Date: Re: [cobalt-security] Fwd: [EXPL] BIND 8.2.2-P5 DoS vulnerability(exploit, BIND_ZXFR)
Previous by thread: Re: [cobalt-security] Fwd: [EXPL] BIND 8.2.2-P5 DoS vulnerability (exploit, BIND_ZXFR)
Next by thread: Re: [cobalt-security] Fwd: [EXPL] BIND 8.2.2-P5 DoS vulnerability(exploit, BIND_ZXFR)

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index