Bugtraq mailing list archives

Re: BIND Nuking


From: daniele () ORLANDI COM (Daniele Orlandi)
Date: Fri, 25 Jul 1997 21:40:44 +0200


Aveek Datta wrote:

when executed as "bind_nuke bogus.org" on a host, that bogus.org's
primary NS is configured to accept updates from, will cause named
to silently die. Nothing in the logs, nothing on the console.
After a number of similar packets has been received by named any
subsequent attempt to run it will only result in a Segmentation Fault.
[and there's "spoofing"...]

I configured bind to accept updates only from a single host.
What will happen if the attack comes from another host?
Will it reject the update attempt as usual or crash anyway?

In other words, will my host be vulnerable to external attacks if
configured in such a way?

zone "my.net"
{
 type master;
 file "my.net.zon";
 allow-update { 1.2.3.4; 127.0.0.1; };
};

If the answer is yes, this could be very dangerous: every BIND 8.1.x
compiled with ALLOW_UPDATES will be vulnerable, even if you don't have
access to modify zones.

Regards.

--
 Daniele

--------------------------------------------------------------------
 Daniele Orlandi - Utility Line Italia - http://www.xt.net
 Via Mezzera 29/A - 20030 Seveso (MI) - Italy - FAX: ++39(362)540153
--------------------------------------------------------------------
