[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bind 8.2.2-P7 dies



 Has anyone experienced bind 8.2.2-P7 built from ports in
 Release 2.8 to crash when receiving queries of type TXT/CHAOS ?

Ye gads, man. 8.2.2-P<anything> has ugly root exploits out for it.

Feb 25 20:44:56 ns2 named[18020]: XX /64.45.60.53/version.bind/TXT/CHAOS

What you're probably seing is a query for the bind version. Then, because you're running 8.2.2 and advertising "hack me", you're probably getting hit with buffer overflow code that's crashing your name server.

Using binds access control features would help. I see bind version queries on a regular basis but these are refused by my access controls. No one has crashed named yet.I've set to allow recursive queries only from the local network and then allow queries from outside only for authoritive zones I wish to make public.



--


-Rickie Kerndt Santa Clara, CA kerndtr_(_at_)_kerndt_(_dot_)_com



Visit your host, monkey.org