Date: Thu, 22 Feb 2001 17:36:32 -0800 (PST) From: Doug Barton <DougB@gorean.org> To: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> Cc: Michael Richards <michael@fastmail.ca>, <freebsd-security@FreeBSD.ORG> Subject: Re: Bind problems Message-ID: <Pine.BSF.4.33.0102221733210.15771-100000@dt051n37.san.rr.com> In-Reply-To: <200102221507.f1MF7iX45138@cwsys.cwsent.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 22 Feb 2001, Cy Schubert - ITSD Open Systems Group wrote:
> In message <3A947710.000009.60978@frodo.searchcanada.ca>, "Michael
> Richards" wr
> ites:
> > Since the big BIND vulnerability, I checked all my versions of BIND
> > to make sure they weren't the 8.2.2 variety. None were.
> >
> > Most returned: named 8.2.3-T6B Thu Nov 23 19:00:06 EST 2000
> > Which is not supposed to be vulnerable.
Any BIND 8 other than 8.2.3-REL *IS* vulnerable. No one (ISC,
FreeBSD, etc.) has ever said any different.
> If I (taking my manager's hat off and
> putting my security officer's hat on) were you I'd do the prudent
> thing, which is to verify the system was not already hacked or
> otherwise consider the system suspect until I can prove it otherwise.
It's impossible to prove that a system connected to a network has
not been hacked. If you have even a reasonable suspicion that a machine is
compromised you should assume it is and proceed accordingly.
Doug
--
"Pain heals. Chicks dig scars. Glory . . . lasts forever."
-- Keanu Reeves as Shane Falco in "The Replacements"
Do YOU Yahoo!?
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.33.0102221733210.15771-100000>