RE: named / dns

Mon, 05 Mar 2001 09:13:15 -0800 

Anybody have any specifics on how this is accomplished so we can nip it in
the bud?

-----Original Message-----
From: Cameron Childress [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 05, 2001 11:00 AM
To: CF-Linux
Subject: RE: named / dns


> This is a very SERIOUS problem

I absolutely agree.  In the last month or so, I have detected 10 or 15
outside scans of my network on port 53.  There are LOTS of people actively
seeking to exploit this hole...

-Cameron

--------------------
Cameron Childress
elliptIQ Inc.
p.770.460.7277.232
f.770.460.0963

> -----Original Message-----
> From: Rob Burtelow [mailto:[EMAIL PROTECTED]]
> Sent: Monday, March 05, 2001 10:24 AM
> To: CF-Linux
> Subject: Re: named / dns
>
>
> Herman,
>
> My first suggestion is upgrade bind right away, and make it your first
> priority.  I suggest upgrading to bind 8.2.3, because bind 9 is a lot more
> picky with the db files and can cause certain domains not to work.  If you
> haven't heard there is an exploit in bind 8.2.2 that can get a hacker root
> on your box.  This is a very SERIOUS problem, I have already seen
> 10 servers
> on our network hacked since this came about.  You may want to look into
> alternative software for DNS as well (djbdns is the only one that comes to
> mind), because I think many people are getting tired of the problems with
> bind.
>
>
> Rob Burtelow
> Senior SMC Staff/Network Security Specialist
> [EMAIL PROTECTED]
>
> ----- Original Message -----
> From: "Herman Cremer" <[EMAIL PROTECTED]>
> To: "CF-Linux" <[EMAIL PROTECTED]>
> Sent: Monday, March 05, 2001 3:03 AM
> Subject: named / dns
>
>
> > a bind / dns question ?
> >
> > I have a redhat box, kernel 2.2, running bind 8.2.2.
> > We have 10 domains on the server,
> >
> > For no reason, named suddenly starts using 99% CPU time,
> > wich causes the server to come to a standstil!!
> >
> > When I restart named, it works fine, for a day or 2, then the
> same story.
> >
> > Any ideas ?
> >
> > PS  How many domains can safeley be hosted on 1 machine ?
> >
> > Herman
> >
> >
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Reply via email to