Date: Wed, 13 Nov 2002 10:58:12 +1100 From: "Michael Carew" <MichaelCarew@bytecraftsystems.com> To: <freebsd-security@FreeBSD.ORG> Subject: Re: ISS Security Advisory: Multiple Remote Vulnerabilities in BIND4 and BIND8 (fwd)] Message-ID: <07fe01c28aa7$5bdeba10$0d11000a@wscarewm> References: <20021112172820.GV96637@techometer.net> <07dc01c28aa4$fdb51d50$0d11000a@wscarewm> <20021112234706.GB62028@hellblazer.nectar.cc>
next in thread | previous in thread | raw e-mail | index | archive | help
At least limiting it prevents someone setting up an authoritative server, then making a query to that domain off your name server. They are then reliant on a legitimate client querying the server with the malicious content, rather than them doing it themselves. Reducing the changes substantially I would imagine. ----- Original Message ----- From: "Jacques A. Vidrine" <nectar@FreeBSD.org> To: "Michael Carew" <carewm@bytecraft.au.com> Cc: <freebsd-security@FreeBSD.ORG> Sent: Wednesday, November 13, 2002 10:47 AM Subject: Re: ISS Security Advisory: Multiple Remote Vulnerabilities in BIND4 and BIND8 (fwd)] > On Wed, Nov 13, 2002 at 10:41:15AM +1100, Michael Carew wrote: > > One thing that the advisory seems to leave out, is limiting recursion, > > rather than disabling. > > It leaves it out because it doesn't help much. Your name server will > still query other name servers, and those other name servers (or > someone spoofing them, maybe) can send malicious replies that your > name server will process. > > Cheers, > -- > Jacques A. Vidrine <nectar@celabo.org> http://www.celabo.org/ > NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos > jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se > > ************************************************************************ > This Email has been scanned for Viruses by MailMarshal > an automated gateway email virus scanner. > > ************************************************************************ > ************************************************************************ This Email has been scanned for Viruses by MailMarshal an automated gateway email virus scanner. ************************************************************************ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?07fe01c28aa7$5bdeba10$0d11000a>