On Thursday 31 July 2008 05:25 pm, Paul Saenz wrote: > Bind is vulnerable to the DNS cache poisoning vulnerability. > I would go to the website doxpara.com to see if the vulnerability > exists on the dns I use. But that's just me. I'm just learning this > stuff.
You don't fall victim to the cache poisoning vulnerability if you don't use recursive (caching) DNS. On Red Hat and CentOS it's easy; we just don't install the caching-nameserver RPM. > You, on the other hand, have probably already done what you need to > do to take care of any vulnerabilities. Above said, we install vulnerability updates immediately. Currently we're relying on others for our recursive DNS, but we're looking into running our own. Jeff -- Jeff Lasman, Nobaloney Internet Services P.O. Box 52200, Riverside, CA 92517 Our jplists address used on lists is for list email only voice: +1 951 643-5345, or see: "http://www.nobaloney.net/contactus.html";
