From owner-freebsd-security Thu Feb 22 7: 9: 2 2001 Delivered-To: freebsd-security@freebsd.org Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44]) by hub.freebsd.org (Postfix) with ESMTP id 57AA237B65D for ; Thu, 22 Feb 2001 07:08:47 -0800 (PST) (envelope-from Cy.Schubert@uumail.gov.bc.ca) Received: (from daemon@localhost) by point.osg.gov.bc.ca (8.8.7/8.8.8) id HAA28508; Thu, 22 Feb 2001 07:08:34 -0800 Received: from passer.osg.gov.bc.ca(142.32.110.29) via SMTP by point.osg.gov.bc.ca, id smtpda28506; Thu Feb 22 07:08:25 2001 Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.11.2/8.9.1) id f1MF8Ks24780; Thu, 22 Feb 2001 07:08:20 -0800 (PST) Received: from cwsys9.cwsent.com(10.2.2.1), claiming to be "cwsys.cwsent.com" via SMTP by passer9.cwsent.com, id smtpdP24778; Thu Feb 22 07:07:44 2001 Received: (from uucp@localhost) by cwsys.cwsent.com (8.11.2/8.9.1) id f1MF7iX45138; Thu, 22 Feb 2001 07:07:44 -0800 (PST) Message-Id: <200102221507.f1MF7iX45138@cwsys.cwsent.com> Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys" via SMTP by localhost.cwsent.com, id smtpdK45091; Thu Feb 22 07:07:24 2001 X-Mailer: exmh version 2.3.1 01/18/2001 with nmh-1.0.4 Reply-To: Cy Schubert - ITSD Open Systems Group From: Cy Schubert - ITSD Open Systems Group X-Sender: schubert To: "Michael Richards" Cc: freebsd-security@FreeBSD.ORG Subject: Re: Bind problems In-reply-to: Your message of "Wed, 21 Feb 2001 21:18:56 EST." <3A947710.000009.60978@frodo.searchcanada.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 22 Feb 2001 07:07:24 -0800 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <3A947710.000009.60978@frodo.searchcanada.ca>, "Michael Richards" wr ites: > Since the big BIND vulnerability, I checked all my versions of BIND > to make sure they weren't the 8.2.2 variety. None were. > > Most returned: named 8.2.3-T6B Thu Nov 23 19:00:06 EST 2000 > Which is not supposed to be vulnerable. I wouldn't be surprised if your system has already been hacked. 8.2.3-REL has fixed all known (to ISC) security holes. All previous versions of BIND are vulnerable. If I (taking my manager's hat off and putting my security officer's hat on) were you I'd do the prudent thing, which is to verify the system was not already hacked or otherwise consider the system suspect until I can prove it otherwise. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message