From owner-freebsd-isp Tue Feb 27 22:11:39 2001 Delivered-To: freebsd-isp@freebsd.org Received: from ns.internet.dk (ns.internet.dk [194.19.140.1]) by hub.freebsd.org (Postfix) with ESMTP id EA73A37B719 for ; Tue, 27 Feb 2001 22:11:34 -0800 (PST) (envelope-from leifn@neland.dk) Received: (from uucp@localhost) by ns.internet.dk (8.11.2/8.11.2) id f1S6BXU21060 for freebsd-isp@FreeBSD.ORG.AVP; Wed, 28 Feb 2001 07:11:33 +0100 (CET) (envelope-from leifn@neland.dk) Received: (from uucp@localhost) by ns.internet.dk (8.11.2/8.11.2) with UUCP id f1S6BW121041; Wed, 28 Feb 2001 07:11:32 +0100 (CET) (envelope-from leifn@neland.dk) Received: from gina (gina.neland.dk [192.168.0.14]) by arnold.neland.dk (8.11.1/8.11.0) with SMTP id f1S6BCx19544; Wed, 28 Feb 2001 07:11:22 +0100 (CET) (envelope-from leifn@neland.dk) Message-ID: <002501c0a14d$75685760$0e00a8c0@neland.dk> Reply-To: "Leif Neland" From: "Leif Neland" To: References: <004201c0a123$85f495a0$7ccc29d0@thestanfields.com> Subject: Re: bind attacks Date: Wed, 28 Feb 2001 07:12:30 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by ns.internet.dk id f1S6BW121041 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I've been getting core dumps in bind every other day for the past couple of > weeks. I took it as no coincidence that the software which had never (not > once) faulted in a year started going down very often just after the cert > note came out. > > Unfortunately I've not yet had the time to upgrade the servers. What is the > general impression of the upgrade process from those who've succesfully done > so? Initially I saw a lot of posts about the new release being very syntax > specific and a lot of problems resulting thereof. Anything to watch out for > beyond using the proper syntax in your zone files? All my bind boxes are > freebsd, of course. If you just upgrade to 8.2.3-REL, there is no problems. If you want to upgrade to 9.1, at least one difference is that each zonefile requires a $TTL nnn I'm not sure if the line can be anywhere in the file so something like this: for x in `grep -l ORIGIN *` do if grep -v TTL $x then echo "\$TTL=28800" >>$x fi done will work. You could just make bind 9, but not installing it, then running it from the build directory, attach to a different port with option -p and see if it barfs on anything. Leif To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message