Security Incidents mailing list archives
Re: DNS Bind
From: "Somaini, Justin" <Justin.Somaini () SCHWAB COM>
Date: Wed, 31 Jan 2001 14:57:59 -0700
Not that I'm aware of. DNS is not really my strongest suite so I have to rely upon our DNS guys. I believe that there needs to be an upgrade to fix the problem. If anyone disagrees please correct me. One thing to do is to change the version posting in the named.conf file. The scanner looking for sub 9.1 could be tricked. Actual attack failing of course. -----Original Message----- From: Russell Fulton [mailto:r.fulton () AUCKLAND AC NZ] Sent: Wednesday, January 31, 2001 1:42 PM To: INCIDENTS () SECURITYFOCUS COM Subject: Re: DNS Bind On Wed, 31 Jan 2001 10:47:24 -0800 "Somaini, Justin" <Justin.Somaini () SCHWAB COM> wrote:
Has anyone seen attacks, other than Microsoft, in regards to the bind tsig vuln.?
I've seen an increase in version probes against our advertised name servers. One question: I understand that the tsig vulnerability is in the DNSSEC code and, so far as I am aware, we are not using this now. Are there any options in the BIND config to disable DNSSEC? (as a stop gap until we can get the software upgraded). Russell Fulton, Computer and Network Security Officer The University of Auckland, New Zealand
Current thread:
- DNS Bind Somaini, Justin (Jan 31)
- Re: DNS Bind Russell Fulton (Jan 31)
- <Possible follow-ups>
- Re: DNS Bind Somaini, Justin (Jan 31)
- Re: DNS Bind gabriel rosenkoetter (Jan 31)