From owner-freebsd-questions@FreeBSD.ORG Thu Dec 18 02:58:55 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 64A8C16A4CE for ; Thu, 18 Dec 2003 02:58:55 -0800 (PST) Received: from natsmtp01.rzone.de (natsmtp01.rzone.de [81.169.145.166]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3FB2243D36 for ; Thu, 18 Dec 2003 02:58:53 -0800 (PST) (envelope-from Robert.Eckardt@Robert-Eckardt.de) Received: from quasar.eckardt.org (pD951AF35.dip.t-dialin.net [217.81.175.53]) by post.webmailer.de (8.12.10/8.12.10) with ESMTP id hBIAwmA5016732 for ; Thu, 18 Dec 2003 11:58:49 +0100 (MET) Received: from roberte.no-ip.org (localhost.eckardt.org [127.0.0.1]) by quasar.eckardt.org (8.12.9/8.12.6) with ESMTP id hBIAwfJE039552; Thu, 18 Dec 2003 11:58:42 +0100 (CET) (envelope-from Robert.Eckardt@Robert-Eckardt.de) From: "Robert Eckardt" To: Kris Kennaway Date: Thu, 18 Dec 2003 12:58:41 +0100 Message-Id: <20031218102846.M37848@Robert-Eckardt.de> In-Reply-To: <20031217042810.GA31507@xor.obsecurity.org> References: <20031216191701.M14568@Robert-Eckardt.de> <20031217042810.GA31507@xor.obsecurity.org> X-Mailer: Open WebMail 2.10 20030617 X-OriginatingIP: 193.155.253.3 (roberte) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 cc: questions@freebsd.org Subject: Re: DOS of named X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Dec 2003 10:58:55 -0000 On Tue, 16 Dec 2003 20:28:10 -0800, Kris Kennaway wrote > On Tue, Dec 16, 2003 at 10:01:33PM +0100, Robert Eckardt wrote: > > Hi, > > > > what measures can I take against this irregular appearing Denial-Of-Service > > attacks of named which is filling my logfiles (messages, daemon, all.log) > > with messages like "sysquery: no addrs found for root NS" for minutes at > > a rate of 4000 lines/sec? > > > > I'm using named 8.3.3-REL on FBSD-5.0R. > > Both are very old and have a number of known problems. Upgrade to > the latest versions. Hi Kris, You can't be serious. :-) I know that my release isn't at the front of development. But 5.0R is the latest release known to work on my EPoX MB with a HighPoint 372N controller. (I don't want to test every new release, when there is no indication of change in support for my RAID controller.) And as far as named is concerned: From looking at the discussion on their mailing list this problem happens for a wide variety of releases on different operating systems, but with no one having the intention to fix it. (I even found the question I asked more than 7 years ago on this list to the very same problem. At that time the computers just weren't fast enough to write 4000 lines/sec.) Thus, I cannot accept the simple call for the new release. Instead I hope for a solution to the problem. (Do you install the chinese X-fonts when you have a problem with your FCAL controller just because SUN says that the patch isn't up-to-date? I don't. I read the relaes notes.) I didn't mean to apear rude. Regards, Robert