Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

Gentoo: BIND Cache poisoning

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Gentoo: BIND Cache poisoning
# 1  
Old 07-11-2008
Gentoo: BIND Cache poisoning
LinuxSecurity.com: A weakness in the DNS protocol has been reported, which could lead to cache poisoning on recursive resolvers.

More...
Login or Register to Ask a Question

Previous Thread | Next Thread

5 More Discussions You Might Find Interesting

1. Linux

File cache /Page cache Linux

Hi All, could any one point out any open source test-suites for "File cache" testing and as well as performance test suites for the same. Currently my system is up with Linux/ext4. Regards Manish (0 Replies)
Discussion started by: hmanish
0 Replies

2. Linux

getting info on Cache Size, Data Cache etc..

Hi all I saw in Microsoft web site www.SysInternals.com a tool called CoreInfo from able to print out on screen the size of the Data and Instruction caches of your processor, the Locigal to Physical Processor mapping, the number of the CPU sockets. etc.. Do you know if in Linux is available a... (2 Replies)
Discussion started by: manustone
2 Replies

3. Cybersecurity

Dns cache poisoning upgrade to bind9.5.0p2

Hi again guys, It seems this is a global thing affecting all the DNS bind versions prior to July 28 2008. I have my work cut out for me very soon, I see at least a handful of servers in my list that either need to patching or upgrading. How many of you guys are affected? Anybody successfully... (4 Replies)
Discussion started by: sparcguy
4 Replies

4. IP Networking

how can we spoof ethernet by ARP cache poisoning on unix through a program

how can we spoof ethernet by ARP cache poisoning on unix through a program... can anyone post the source code to achieve this... (1 Reply)
Discussion started by: ud4u
1 Replies

5. UNIX for Advanced & Expert Users

UBC cache vs. Metadata cache

hi, What is the difference between UBC cache and Metadata cache ? where can i find UBC cache Hits and Metadata cache Hits in hp-ux? Advanced thanx for the help. (2 Replies)
Discussion started by: sushaga
2 Replies
Login or Register to Ask a Question

LEARN ABOUT HPUX

lwresd

lwresd(1M)																lwresd(1M)

NAME

       lwresd - lightweight resolver daemon

SYNOPSIS

       config-file] debuglevel] pid-file] ncpus] query-port] port] directory] user-id]

DESCRIPTION

       The  daemon provides name lookup services for clients that use the BIND 9 lightweight resolver library.	It is essentially a stripped-down,
       caching-only name server that answers queries using the BIND 9 lightweight resolver protocol rather than the DNS protocol.

       listens for resolver queries on a UDP port on the IPv4 loopback interface, 127.0.0.1.  This means that can only be used by  processes  run-
       ning on the local machine.  By default, UDP port number 921 is used for lightweight resolver requests and responses.

       Incoming  lightweight  resolver	requests  are  decoded by which then resolves them using the DNS protocol.  When the DNS lookup completes,
       encodes the answers from the name servers in the lightweight resolver format and returns them to the client that made the original request.

       If the configuration file contains any entries, sends recursive DNS queries to those servers.  This is similar to the use of forwarders	in
       a  caching  name  server.   If  no entries are present, or if forwarding fails, resolves the queries autonomously starting at the root name
       servers, using a compiled-in list of root-server hints.

   Options
       Use	 config-file as the configuration file.  The default is

       Set the debug level to
		 debuglevel.  Debugging traces from become more verbose as the debug level increases.

       Run	 in the foreground.

       Run	 in the foreground and force all logging to standard error.

       Write the daemon's process ID to
		 pid-file.  The default is

       Create	 ncpus worker threads to take advantage of multiple CPUs.  By default, tries to determine the number of CPUs present  and  creates
		 one thread per CPU.  If it cannot determine the number of CPUs, it creates a single worker thread.

       Send DNS lookups to port number
		 query-port  when  querying  name servers.  This provides a way of testing the lightweight resolver daemon with a name server that
		 listens for queries on a nonstandard port number.

       Listen for lightweight resolver queries on the
		 loopback interface using UDP port number port.  The default is port 921.

       Write memory usage statistics to standard output on exit.
		 This option is only of interest to BIND 9 developers and may be removed or changed in a future release.

       Change root to
		 directory immediately after reading the configuration file (see chroot(2)).

       Run as	 user-id, which is a user name or numeric ID that must be present in the password file.  changes its user-id after it has  carried
		 out  any  privileged operations, such as writing the process-ID file or binding a socket to a privileged port (typically any port
		 less than 1024).

   Note
       is a daemon for lightweight resolvers, not a lightweight daemon for resolvers.

AUTHOR

       was developed by the Internet Systems Consortium (ISC).

FILES

       Default resolver configuration file

       Default process-id file

SEE ALSO

       named(1M), chroot(2).

       available online at

       available from the Internet Systems Consortium at

								     BIND 9.3								lwresd(1M)