Date: Thu, 22 Feb 2001 15:37:58 -0500 (EST) From: "Michael Richards" <michael@fastmail.ca> To: Cy.Schubert@uumail.gov.bc.ca Cc: freebsd-security@FreeBSD.ORG Subject: Re: Bind problems Message-ID: <3A9578A6.000055.93744@frodo.searchcanada.ca>
next in thread | raw e-mail | index | archive | help
--------------Boundary-00=_ANE6GR72Q7BNTT4D7TH0 Content-Type: Text/Plain Content-Transfer-Encoding: 7bit Hi. Within minutes of discovering that the version of bind was compromised, it was shut down and an onsite person booted the system from a disk and ran tripwire. Nothing odd. I've been monitoring via the firewall and paying close attention to that machine and there is nothing out of the ordinary going on with it. I have a feeling that people were trying a linux specific exploit and that was merely causing bind to crash. -Michael > I wouldn't be surprised if your system has already been hacked. > 8.2.3-REL has fixed all known (to ISC) security holes. All > previous versions of BIND are vulnerable. If I (taking my > manager's hat off and putting my security officer's hat on) were > you I'd do the prudent thing, which is to verify the system was > not already hacked or otherwise consider the system suspect until > I can prove it otherwise. _________________________________________________________________ http://fastmail.ca/ - Fast Free Web Email for Canadians --------------Boundary-00=_ANE6GR72Q7BNTT4D7TH0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A9578A6.000055.93744>