Balanagaraju Munukutla a écrit :
Hi
Hi,
How to Disable the BIND version query feature in BIND 9.2.1.
in named.conf :
options {
version"what you want";
};
Or just : http://www.google.com/search?q=disable+version+bind
--
Yohann LEPAGE
Post-scriptum La Poste
Ce message
Hi
How to Disable the BIND version query feature in BIND 9.2.1.
This is a bindvrs Vulnerability.
Thanks & Regards
Nagaraj___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Hello,
An abort is triggered when dst_lib_destroy is called from the error handler
in dst_lib_init (dst_api.c). If memory allocation
fails in one of the methods called by dst_lib_init, dst_lib_destroy will be
called without having dst_initialized set, thus triggering
an assert and therefore an abo
Rij wrote:
Hello,
I am trying to understand the behavior of bind resolver regarding a
particular issue. Let us say a resolver A sends a query to a server B.
If the response is too big, B will set the TC flag. Let's assume that
the truncated portion was NOT part of the additional section since I
On Mon, January 11, 2010 8:33 pm, Matthew Pounsett wrote:
> The problem may be at Kloth.. but at least one of the many possible
> problems they might be having could be corrected by a slightly different
> configuration at your end.
Thanks Matt for your (and others) continued help with this - it i
On 2010/01/11, at 15:16, Matthew Pounsett wrote:
> By contrast, Verisign's servers have long included glue in the ANSWER
> section. This is widely considered to be at best suboptimal, and by many (or
> most) to be a bug. Verisign has indicated that this behaviour is coming to
> an end, altho
On 2010/01/11, at 14:48, Mathew J. Newton wrote:
>> FWIW, at least one of the afilias hosts had the same IPv4 address for
>> ns[12].v6ns.org.
>
>>> ns1.v6ns.org. 86400 IN A 77.103.161.36
>>> ns1.v6ns.org. 86400 IN 2a01:348:133::a1
>>> ns2.v6ns.org.
> Just to clarify, does this also apply to HMAC-MD5 (block size = 64 bytes,
> digest size = 16 bytes) ?
MD5 is not affected.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lis
On Jan 9 2010, Evan Hunt wrote:
We've recently found out about an interoperability flaw affecting all the
HMAC-SHA* algorithms; it affects any key with a secret longer than the
digest length of the algorithm (which is 28 bytes, for HMAC-SHA224). If
your secret is longer than that, try a shorter
On 2010/01/11, at 12:29, Mathew J. Newton wrote:
> Specifically, the Dig tool at http://www.kloth.net/services/dig.php seems
> unable to resolve my records and I can't help but feel it's a problem at
> my end rather than theirs!
The problem may be at Kloth.. but at least one of the many possible
On 2010/01/11, at 12:57, Rick Dicaire wrote:
> If I understand this correctly, the lack of an ANSWER section for
> query would denote there is no ipv6 glue at the TLD?
No, that would indicate that the name server you queried is not authoritative
for the record you queried about. Glue, by
On Mon, January 11, 2010 6:27 pm, Miles Mccredie wrote:
> FWIW, this is what I'm seeing from an IPv4 only host. Not sure if the
> unexpected source is the problem that kloth.net is seeing or whether
> it's the result of putting
>> *;; reply from unexpected source: 77.103.161.36#60741, expected
>
On Mon, January 11, 2010 5:57 pm, Rick Dicaire wrote:
> While this is not in response to your original question, I am curious.
> I'm not sure if you were part of the discussion we just had on IRC
> freenode #ipv6, but querying a .org TLD NS for records for ns1
> and ns2.v6ns.org return no a
On 11 Jan 2010, at 18:29, Mathew J. Newton wrote:
Specifically, the Dig tool at http://www.kloth.net/services/dig.php
seems
unable to resolve my records and I can't help but feel it's a
problem at
my end rather than theirs!
It's their end
The domain is v6ns.org, and the record I am attempt
On Mon, Jan 11, 2010 at 12:29 PM, Mathew J. Newton
wrote:
> The same delegation records are present as glue in the .org nameservers.
While this is not in response to your original question, I am curious.
I'm not sure if you were part of the discussion we just had on IRC
freenode #ipv6, but queryi
Kaya Saman wrote:
Hi all,
this is the first time I'm going to be playing around with a setup
like this so I'd like to get some advice:
I would like to run a master/slave configuration of Bind servers but
am confused about how to implement such a setup and the underlying
network fabric invol
The problem reported below proves to have been resolved by this change:
2797. [bug] Don't decrement the dispatch manager's maxbuffers.
[RT #20613]
When randomized query ports was implemented, the increase in the number
concurrently-used sockets had an equivalent increased usage need of
another re
I would be grateful if someone might be able to shed some light on an
apparent problem I've got with an experimental DNS I have setup.
Specifically, the Dig tool at http://www.kloth.net/services/dig.php seems
unable to resolve my records and I can't help but feel it's a problem at
my end rather th
I moved my query.log to /var/log/named/ and I correct named.local.conf to log
there
-Messaggio originale-
Da: bind-users-bounces+autuori.gianluigi.wintime=ansaldobreda...@lists.isc.org
[mailto:bind-users-bounces+autuori.gianluigi.wintime=ansaldobreda...@lists.isc.org]
Per conto di Autu
Thanks, now it works fine
-Messaggio originale-
Da: Hauke Lampe [mailto:list+bindus...@hauke-lampe.de]
Inviato: lunedì 11 gennaio 2010 13.15
A: Autuori Gianluigi
Cc: bind-users@lists.isc.org
Oggetto: Re: Logging problems on Bind9
Autuori Gianluigi wrote:
> I'm using Bind9 and Ubuntu 8.
Tahnks...
I check it but selinux is not installed
-Messaggio originale-
Da: Chris Buxton [mailto:chris.p.bux...@gmail.com]
Inviato: lunedì 11 gennaio 2010 12.47
A: Autuori Gianluigi
Cc: bind-users@lists.isc.org
Oggetto: Re: Logging problems on Bind9
You're seeing a message from SELinux.
Autuori Gianluigi wrote:
> I'm using Bind9 and Ubuntu 8.04 kernel 2.6.24.
> Named runs as bind user and in my named.conf.local I wrote:
Ubuntu uses AppArmor (http://en.wikipedia.org/wiki/AppArmor)
You need to edit the profile for usr.sbin.named in /etc/apparmor.d/ if
you want named to write file
You're seeing a message from SELinux. Turn it off, or set it to permissive
mode, to allow this to work. Or you can try to add the necessary permission to
the profile for named; this is not something I've ever done, so I can't give
guidance.
Chris Buxton
On Jan 11, 2010, at 3:24 AM, Autuori Gia
I'm using Bind9 and Ubuntu 8.04 kernel 2.6.24.
Named runs as bind user and in my named.conf.local I wrote:
logging {
channel query.log {
file "/var/log/query.log";
severity dynamic;
};
category queries { query.log; };
};
but in /var/log/mess
24 matches
Mail list logo
