Re: [PUG] heise online: Sicherheitsluecke in DNS-Resolver-Librari es

Robert Weiï¿½graeber Tue, 02 Jul 2002 23:55:52 -0700

Hallo!

* Schmitt, Martin (Dregis STB C) wrote/schrieb:
> > Sicherheitslï¿½cke in DNS-Resolver-Libraries
> FreeBSD-Team gibt. Ich fï¿½hle mich ziemlich angeschmiert und versuche jetzt
> zu beurteilen, ob ich das Problem irgendwie aussitzen kann.
Im Advisory steht das hier:
((
        Use a local caching DNS server



Using a local caching DNS server that reconstructs DNS responses can
prevent malicious responses from reaching systems using vulnerable DNS
resolver libraries. For example, BIND 9 reconstructs responses in this
way, with the exception of forwarded dynamic DNS update messages. Note
that BIND 8 does not reconstruct all responses; therefore this
workaround may not be effective when using BIND 8 as a caching DNS
server. 
))

vielleicht hilft dir das weiter.

Gruï¿½

//Robert

-- 
,-----------------------------------------------------------------------------.
>    Robert Weissgraeber    |    Go not to Usenet for counsel, for it will    <
>      [EMAIL PROTECTED]     |     say both no, and yes, and no, and yes...    <
`-----------------------------------------------------------------------------'
----------------------------------------------------------------------------
PUG - Penguin User Group Wiesbaden - http://www.pug.org

Re: [PUG] heise online: Sicherheitsluecke in DNS-Resolver-Librari es

Antwort per Email an