Login or Register to Ask a Question and Join Our Community


Cybersecurity

Dns cache poisoning upgrade to bind9.5.0p2

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Dns cache poisoning upgrade to bind9.5.0p2
# 1  
Old 08-13-2008
Dns cache poisoning upgrade to bind9.5.0p2
Hi again guys,

It seems this is a global thing affecting all the DNS bind versions prior to July 28 2008. I have my work cut out for me very soon, I see at least a handful of servers in my list that either need to patching or upgrading.

How many of you guys are affected? Anybody successfully upgraded for unix? Any problems encountered that we need to beware of? Smilie

US-CERT Vulnerability Note VU#800113
Internet Systems Consortium, Inc.
# 2  
Old 08-13-2008
Depending on your current Bind versions, you might need to specify some configuration items explicitly inside the options block in named.conf:

- allow-query and allow-transfer
- check-names
- minimal-responses
- transfer-format
See Upgrading DNS Bind to 9.5.0 p2 | Unixplaza Blog
# 3  
Old 08-13-2008
thx for the info Amsct.

Tho I know the upgrade will only touch on the binary I just want to ask is there any requirement at all to lower the TTL prior to doing the upgrade?
# 4  
Old 08-14-2008
Lowering the TTL is not necessarily a good thing for this issue.

See attached BlackHat presentation by Dan.
DMK_BO2K8.zip (1.51 MB) 
# 5  
Old 08-14-2008
I didn't know lowering TTL could be a problem.

WOW this is very interesting Neo
Login or Register to Ask a Question

Previous Thread | Next Thread

4 More Discussions You Might Find Interesting

1. Solaris

DNS Cache Problem-Urgent !!!!!!

I have DNS Server running in solaris 10 . There is website called exaple.com ,whcih was hosted in this dns server with IP 1.2.3.4 ,now we deleted the DNS entry of that website from our DNS Server (db.exmaple.com is deleted from named.conf ) and it is hosted with some other name server with IP... (1 Reply)
Discussion started by: sandeep.tk
1 Replies

2. Solaris

Bind9 DNS on Solaris 10 x4270 & CPU usage

I have configured a Bind9 DNS on a X4270 machine with Solaris10 I am excuting some repformance tests with DNSPERF tool and maximun CPU usage is 23%. I have seen with prstat -L -p PID that named process usses only 2 of the 8 available CPU at the same time although threads for all CPUs exist.... (2 Replies)
Discussion started by: parisph
2 Replies

3. IP Networking

DNS upgrade issues, bind9.5.0_P1

so we had bind 9.3.0... we upgraded to 9.5.0 patch 1 we kept the exact same named.conf now we have a problem that some DMZ server cant do lookups from our DNS slave anymore. in the named.log we see things like this: 22-Jul-2008 16:05:04.694 security: info: client <our DMZ servers... (2 Replies)
Discussion started by: robsonde
2 Replies

4. IP Networking

how can we spoof ethernet by ARP cache poisoning on unix through a program

how can we spoof ethernet by ARP cache poisoning on unix through a program... can anyone post the source code to achieve this... (1 Reply)
Discussion started by: ud4u
1 Replies
Login or Register to Ask a Question