From owner-freebsd-security Thu Jun 12 11:30:10 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id LAA12593 for security-outgoing; Thu, 12 Jun 1997 11:30:10 -0700 (PDT) Received: from denver.net (milehigh.denver.net [204.144.180.2]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id LAA12588 for ; Thu, 12 Jun 1997 11:30:08 -0700 (PDT) Received: from localhost (jdc@localhost) by denver.net (8.8.5/8.8.5) with SMTP id MAA19219; Thu, 12 Jun 1997 12:29:35 -0600 (MDT) Date: Thu, 12 Jun 1997 12:29:34 -0600 (MDT) From: John-David Childs To: Dmitry Valdov cc: freebsd-security@FreeBSD.ORG Subject: Re: DNS abuse (fwd) In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Thu, 12 Jun 1997, Dmitry Valdov wrote: > > > I've just compiled 2.2.2's named (-static) and replaced it on my > nameserver...(fbsd 2.1.5). It still vulnerable. > So.. Is there any way to fix it? > I haven't looked yet (just installed a 2.2.2. box myself this morning), but I'd bet it still uses BIND 4.9.X The bugs you are questioning with respect to the posted web page are fixed I believe in BIND 8.1 (ftp://ftp.isc.org/isc/bind/) -- John-David Childs (JC612) http://www.denver.net System Administrator jdc@denver.net & Network Engineer Think, Listen, Look, THEN Act! "A verbal contract isn't worth the paper it's written on" - Louis B Mayer > > > > ---------- Forwarded message ---------- > > Date: Thu, 12 Jun 1997 08:02:22 +0200 > > From: Jordi Murgo > > To: BUGTRAQ@NETSPACE.ORG > > Subject: DNS abuse > > > > Test this URL to see if your DNS is abusable. > > > > http://apostols.org/toolz/dnshack.cgi > > > > ======================================= > > > > > >