| Subject: | Re: named config |
|---|---|
| From: | Tony van der Hoff <news@xxxxxxxxxxxxxxxxxxxxx> |
| Date: | Tue, 29 Jul 2008 18:38:27 +0100 |
| Newsgroups: | uk.comp.os.linux |
On 29 Jul at 17:31 Chris Davies <chris-usenet@xxxxxxxxxxxx> wrote in message
<q7t3m5x054.ln2@xxxxxxxxxxxxxxxxx>
> Tony van der Hoff <news@xxxxxxxxxxxxxxxxxxxxx> wrote:
> > For any named gurus out there, I'm running BIND9 as a caching nameserver
> > under Debian etch.
>
> As an important side issue to your actual question, please make sure that
> you upgrade it ASAP. You may (or may not) have read about the DNS exploits
> that are being talked about right now, but essentially it allows attackers
> to poison one's DNS cache so that names map to the wrong IP addresses.
> (Can you say bank website spoofing?)
[snip]
Aye:
bind9 (1:9.3.4-2etch3) stable-security; urgency=high
* Randomize UDP query source ports to improve forgery resilience.
(CVE-2008-1447)
-- LaMont Jones <lamont at debian dot org> Sun, 06 Jul 2008 19:19:53 -0600
Debian's pretty good with security patches, and I've got automatic
notification enabled. Thanks for the reminder!
--
Tony van der Hoff | mailto:news_0711@xxxxxxxxxxxxxx
Buckinghamshire, England
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Response from Southern Electric, rousseau |
|---|---|
| Next by Date: | Re: Is my old RedHat computer doomed?, Frank Peelo |
| Previous by Thread: | Re: named config, Chris Davies |
| Next by Thread: | Re: named config, Tony van der Hoff |
| Indexes: | [Date] [Thread] [Top] [All Lists] |