Date: Thu, 22 Feb 2001 15:37:58 -0500 (EST) From: "Michael Richards" <michael@fastmail.ca> To: Cy.Schubert@uumail.gov.bc.ca Cc: freebsd-security@FreeBSD.ORG Subject: Re: Bind problems Message-ID: <3A9578A6.000055.93744@frodo.searchcanada.ca>
next in thread | raw e-mail | index | archive | help
--------------Boundary-00=_ANE6GR72Q7BNTT4D7TH0
Content-Type: Text/Plain
Content-Transfer-Encoding: 7bit
Hi.
Within minutes of discovering that the version of bind was
compromised, it was shut down and an onsite person booted the system
from a disk and ran tripwire. Nothing odd. I've been monitoring via
the firewall and paying close attention to that machine and there is
nothing out of the ordinary going on with it. I have a feeling that
people were trying a linux specific exploit and that was merely
causing bind to crash.
-Michael
> I wouldn't be surprised if your system has already been hacked.
> 8.2.3-REL has fixed all known (to ISC) security holes. All
> previous versions of BIND are vulnerable. If I (taking my
> manager's hat off and putting my security officer's hat on) were
> you I'd do the prudent thing, which is to verify the system was
> not already hacked or otherwise consider the system suspect until
> I can prove it otherwise.
_________________________________________________________________
http://fastmail.ca/ - Fast Free Web Email for Canadians
--------------Boundary-00=_ANE6GR72Q7BNTT4D7TH0--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A9578A6.000055.93744>