[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bind 8.2.2-P7 dies
- To: ports_(_at_)_openbsd_(_dot_)_org, kai_(_dot_)_gallasch_(_at_)_ruhr-uni-bochum_(_dot_)_de
- Subject: Re: Bind 8.2.2-P7 dies
- From: Rickie Kerndt <kerndtr_(_at_)_kerndt_(_dot_)_com>
- Date: Mon, 26 Feb 2001 09:13:47 -0800
Has anyone experienced bind 8.2.2-P7 built from ports in
Release 2.8 to crash when receiving queries of type TXT/CHAOS ?
Ye gads, man. 8.2.2-P<anything> has ugly root exploits out for it.
Feb 25 20:44:56 ns2 named: XX /126.96.36.199/version.bind/TXT/CHAOS
What you're probably seing is a query for the bind version. Then, because
you're running 8.2.2 and advertising "hack me", you're probably getting hit
with buffer overflow code that's crashing your name server.
Using binds access control features would help. I see bind version
queries on a regular basis but these are refused by my access
controls. No one has crashed named yet.I've set to allow recursive
queries only from the local network and then allow queries from
outside only for authoritive zones I wish to make public.
Santa Clara, CA