Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Debian User (http://www.linux-archive.org/debian-user/)
-   -   Sarge, Bind9 (9.2.4-1sarge3) and DNS cache poisoning.. (http://www.linux-archive.org/debian-user/122178-sarge-bind9-9-2-4-1sarge3-dns-cache-poisoning.html)

John Elliot 07-10-2008 02:52 AM

Sarge, Bind9 (9.2.4-1sarge3) and DNS cache poisoning..
 
Hi,

*

We have a couple of Sarge servers running bind9(9.2.4-1sarge3) that appear to be vulnerable to the DNS cache poisoning issue(Looks like port randomization was only introduced in bind9.3?) - As the servers cannot be upgraded at this time to etch, what is the recommended course of action? Backports and upgrade to 9.3?

*

*

Sell your car for just $40 at CarPoint.com.au It's simple!

Ron Johnson 07-10-2008 02:56 AM

Sarge, Bind9 (9.2.4-1sarge3) and DNS cache poisoning..
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/09/08 21:52, John Elliot wrote:
> Hi,
>
> We have a couple of Sarge servers running bind9(9.2.4-1sarge3) that
> appear to be vulnerable to the DNS cache poisoning issue(Looks like port
> randomization was only introduced in bind9.3?) - As the servers cannot
> be upgraded at this time to etch, what is the recommended course of
> action? Backports and upgrade to 9.3?

Upgrade to Vista?

- --
Ron Johnson, Jr.
Jefferson LA USA

"Kittens give Morbo gas. In lighter news, the city of New New
York is doomed."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkh1enQACgkQS9HxQb37XmfL7wCfZrv4e5TP7j 8NLPT9VYpEMUv1
zCIAoIH904Sc6cuNb3Km+YEYdYC/FWLS
=HGqO
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

"Mumia W.." 07-10-2008 06:32 AM

Sarge, Bind9 (9.2.4-1sarge3) and DNS cache poisoning..
 
On 07/09/2008 09:52 PM, John Elliot wrote:

Hi,

We have a couple of Sarge servers running bind9(9.2.4-1sarge3) that
appear to be vulnerable to the DNS cache poisoning issue(Looks like
port randomization was only introduced in bind9.3?) - As the servers
cannot be upgraded at this time to etch, what is the recommended
course of action? Backports and upgrade to 9.3?




There is a version of bind 9.3.4 for Sarge in backports.org, but they
don't publish changelogs, so you'll have to research yourself if this
bug has been fixed in their version.



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

"Eugene V. Lyubimkin" 07-10-2008 09:37 AM

Sarge, Bind9 (9.2.4-1sarge3) and DNS cache poisoning..
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

John Elliot wrote:
> Hi,
>
> We have a couple of Sarge servers running bind9(9.2.4-1sarge3) that
> appear to be vulnerable to the DNS cache poisoning issue(Looks like port
> randomization was only introduced in bind9.3?) - As the servers cannot
> be upgraded at this time to etch, what is the recommended course of
> action? Backports and upgrade to 9.3?
I remember that DSA gave one or two workarounds...

- --
Eugene V. Lyubimkin aka JackYF, Ukrainian C++ developer.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIddhEchorMMFUmYwRAl6RAKCrvnVNNEC9/2NR/zcdzoUKWQhGnACbBhK5
tITKgtMi0qPVGJRRWEcEgZI=
=phkL
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org


All times are GMT. The time now is 09:37 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.