subject:"vulnerability of bind"

vulnerability of bind

2010-12-14 Thread fakessh @

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

hello bind network


I just realized that my version of bind and vulnerable and I'm wondering
if by upgrading to version 9.5.2-P4 I would always be vulnerable



i use centos 5.5 and use
http://www.pramberger.at/peter/services/repository/rhel5/ deposit


thanks
- -- 
http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7
gpg --keyserver pgp.mit.edu --recv-key 092164A7
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iD8DBQFNB7dLtXI/OwkhZKcRAhA7AJ9P5y0Lp5KpX3rNmas4rEnNX33FMwCfdQUq
Bg9aAabFVLPFYYk8zLeTLUE=
=jhLX
-END PGP SIGNATURE-
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: vulnerability of bind

2010-12-14 Thread Warren Kumari


A question like this comes along avery few weeks

Just download the latest bind source from: http://www.isc.org/software/bind 
, configure, make, make test, install.


This is my cheat sheet (I do this every few months on ~10 servers -- I  
keep meaning to set up a puppet / similar script to take care of this  
for me, but never seem to manage to collect enough toits):



-
== Get source ==

   ftp://ftp.isc.org/isc/bind9/

Unzip / untar source.

  cd /usr/local/src/bind
  sudo wget ftp://ftp.isc.org/isc/bind9/9.7.2-P3/bind-9.7.2-P3.tar.gz

Now get and validate the GPG signature.
  sudo wget ftp://ftp.isc.org/isc/bind9/9.7.2-P3/bind-9.7.2-P3.tar.gz.sha256.asc
  gpg --verify bind-9.7.2-P3.tar.gz.sha256.asc bind-9.7.2-P3.tar.gz

Assuming all is good:
  sudo tar -xvzf bind-9.7.2-P3.tar.gz
  sudo rm bind-9.7.2-P3.tar.gz.*
  sudo chown -R wkumari.wkumari bind-9.7.2-P3/

  cd bind-9.7.2-P3/

Make sure you have the required dependencies

  sudo apt-get install openssl libssl-dev gcc

And now build
  ./configure --with-openssl=yes --with-randomdev=/dev/urandom
  make

And lets run some tests:
  make test

Check and install the new version:

  named -v
  which named
  make install
  named -v


Restart bind:
  sudo /etc/init.d/bind9 stop
  sudo /etc/init.d/bind9 start
  dig www.kumari.net +dnssec @localhost




Obviously, replace the versions with something sane, and the user /  
check domain with something else...


Oh, also tell your package manager that you no longer want it to do,  
well, whatever it thinks it is doing...



W


On Dec 14, 2010, at 1:28 PM, fakessh @ wrote:


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

hello bind network


I just realized that my version of bind and vulnerable and I'm  
wondering

if by upgrading to version 9.5.2-P4 I would always be vulnerable



i use centos 5.5 and use
http://www.pramberger.at/peter/services/repository/rhel5/ deposit


thanks
- --
http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7
gpg --keyserver pgp.mit.edu --recv-key 092164A7
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iD8DBQFNB7dLtXI/OwkhZKcRAhA7AJ9P5y0Lp5KpX3rNmas4rEnNX33FMwCfdQUq
Bg9aAabFVLPFYYk8zLeTLUE=
=jhLX
-END PGP SIGNATURE-
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: vulnerability of bind

2010-12-14 Thread fakessh @

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Le 14.12.2010 19:28, fakessh @ a écrit :
 hello bind network
 
 
 I just realized that my version of bind and vulnerable and I'm wondering
 if by upgrading to version 9.5.2-P4 I would always be vulnerable
 
 
 
 i use centos 5.5 and use
 http://www.pramberger.at/peter/services/repository/rhel5/ deposit
 
 
 thanks



I finally just made the upgrade to bind-9.7.0-5.P2.el5.i386.rpm packages
is available on the http://people.redhat.com/atkac/ and I wonder if this
package is also vulnerable wait the arrival of centos 5.6 for package
bind well to have updated and which supports dnssec


thanks
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iD8DBQFNB8LRtXI/OwkhZKcRAshPAJkBdZbA3r6sLea/JHYV8kQnqDS+YQCeMp6Y
gudIRWH7EOMB31gbK/cKp9A=
=Zl9n
-END PGP SIGNATURE-
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

vulnerability of bind

Re: vulnerability of bind

Re: vulnerability of bind

3 matches

Site Navigation

Mail list logo

Footer information