Re: DNS server crashed

[Andrei MURESAN <andrei () FOO WAN RO>]

Jason Lewis scria la data de Tue, Feb 06, 2001 at 06:47:21PM -0500 :
> Anyone aware of exploits for the recent BIND security holes?  I had a name
> server crash today.  Nothing in the logs that point to anything, it was just
> down.  It is the only box I can't upgrade BIND on.  It has a funky OS
> install and I need to rebuild it from scratch.  I am waiting for new boxes,
> so it is low priority.
>
> I suspect someone was attempting to hack it, but I can't find any evidence.
> It was just hung.
>
> Thoughts?
>
> jas
> http://www.rivalpath.com

I had the same problem on my name server @ home. In the very same day I
upgraded to 8.2.3 and I had no problem since then. Btw, look carefuly in the
config files of the old bind, you might get some errors that weren't
printed out in the syslog when running ver. < 8.2.3. I mean, not the errors
regarding the TTL, its something related to the way you arange the config
data in the file. For example I had these lines in my config :

@       IN      SOA     ns1.example.net. root.exmaple.net
        ( 11 28800 14400 3600000 259200 )

The new named, 8.2.3, said that the first line isnt ending properly and that
the second line can't begin with "(". There was also a missing TTL error.
So, the new file I created, with no error when read by named looks like
this :

$TTL 84600
@       IN      SOA     ns1.example.net.        root.example. (
                11
                28800
                14400
                3600000
                259200 )

I hope that you find this useful and i suggest that you upgrade the bind
asap.


Andrei Muresan,
Wan Networks, Romania
http://www.wan.ro