Date: Thu, 27 Jun 2002 02:00:04 +0200 From: "Aragon Gouveia" <aragon@phat.za.net> To: "Brett Glass" <brett@lariat.org> Cc: <freebsd-security@freebsd.org> Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:28.resolv Message-ID: <000f01c21d6d$99949ed0$01000001@aragon> References: <4.3.2.7.2.20020626143023.022716c0@localhost> <4.3.2.7.2.20020626151157.02193340@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
> But, again, it may be possible to defuse the bug without > tearing the whole system apart. After all, if resolv.conf > points the query at a locally running copy of, say, > BIND or djbdns, and the daemon blocks the exploit, you're > safe. Same if you query a domain name server (on the same > host or not) and *it* blocks the exploit. So, fixing the > problem might be as simple as turning on named and modifying > resolv.conf. Maybe also add some firewall rulesets to block spoofed packets from say, 127.0.0.1, entering your public interface. Regards, Aragon To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000f01c21d6d$99949ed0$01000001>