Date: Thu, 22 Feb 2001 07:07:24 -0800 From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: "Michael Richards" <michael@fastmail.ca> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Bind problems Message-ID: <200102221507.f1MF7iX45138@cwsys.cwsent.com> In-Reply-To: Your message of "Wed, 21 Feb 2001 21:18:56 EST." <3A947710.000009.60978@frodo.searchcanada.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <3A947710.000009.60978@frodo.searchcanada.ca>, "Michael Richards" wr ites: > Since the big BIND vulnerability, I checked all my versions of BIND > to make sure they weren't the 8.2.2 variety. None were. > > Most returned: named 8.2.3-T6B Thu Nov 23 19:00:06 EST 2000 > Which is not supposed to be vulnerable. I wouldn't be surprised if your system has already been hacked. 8.2.3-REL has fixed all known (to ISC) security holes. All previous versions of BIND are vulnerable. If I (taking my manager's hat off and putting my security officer's hat on) were you I'd do the prudent thing, which is to verify the system was not already hacked or otherwise consider the system suspect until I can prove it otherwise. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200102221507.f1MF7iX45138>