jdow wrote:
From: "Yves Goergen" <[EMAIL PROTECTED]>
Sent: Wednesday, 2008, July 23 09:05
On 23.07.2008 10:03 CE(S)T, Dirk Bonengel wrote:
Just a thought, but could you install a local nameserver (bind9) to
act as a caching nameserver?
AFAIK, at least in Debian you just need to 'apt-get install' bind.
Default config is OK
This is Debian 3.1, it's pretty likely to be out of date. I'm
currently in the process of preparing the upgrade, but it will take
some time.
Since you are experiencing a DNS problem and there is an exploit
for the Kaminsky DNS bug that was fixed in a massive multi-vendor
roll out, are you patched or are you sure you are not getting your
DNS spoofed?
AFAIK, The problem is only for recursive servers.
Anyway, I'm not sure there is a patch for debian 3.1. time to upgrade?
BTW. the "bug" was disclosed by now
http://beezari.livejournal.com/141796.html
so now "everybody" knows how to exploit it...
