Date: Wed, 26 Jun 2002 18:55:37 -0600 From: Brett Glass <brett@lariat.org> To: Mark.Andrews@isc.org Cc: security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:28.resolv Message-ID: <4.3.2.7.2.20020626185228.00e8ad60@localhost> In-Reply-To: <200206270012.g5R0C8m0029482@drugs.dv.isc.org> References: <Your message of "Wed, 26 Jun 2002 13:33:34 CST." <4.3.2.7.2.20020626133115.022a0d30@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
At 06:12 PM 6/26/2002, Mark.Andrews@isc.org wrote: > Provided you are behind a nameserver you trust that reconstructs > the answer you should be fine. > > BIND 9 reconstucts all answers (excluding forwarded UPDATES). > BIND 8 forwards some and reconstructs others. Could an exploit be set up as a forwarded UPDATE? (Forgive me if this is a naive question; I know that I need to become more familiar with DDNS.) If not, then installing BIND 9 and/or forcing clients to consult a BIND 9 server may be an acceptable workaround. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20020626185228.00e8ad60>