FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 07-10-2008, 02:52 AM
John Elliot
 
Default Sarge, Bind9 (9.2.4-1sarge3) and DNS cache poisoning..

Hi,

*

We have a couple of Sarge servers running bind9(9.2.4-1sarge3) that appear to be vulnerable to the DNS cache poisoning issue(Looks like port randomization was only introduced in bind9.3?) - As the servers cannot be upgraded at this time to etch, what is the recommended course of action? Backports and upgrade to 9.3?

*

*

Sell your car for just $40 at CarPoint.com.au It's simple!
 
Old 07-10-2008, 02:56 AM
Ron Johnson
 
Default Sarge, Bind9 (9.2.4-1sarge3) and DNS cache poisoning..

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/09/08 21:52, John Elliot wrote:
> Hi,
>
> We have a couple of Sarge servers running bind9(9.2.4-1sarge3) that
> appear to be vulnerable to the DNS cache poisoning issue(Looks like port
> randomization was only introduced in bind9.3?) - As the servers cannot
> be upgraded at this time to etch, what is the recommended course of
> action? Backports and upgrade to 9.3?

Upgrade to Vista?

- --
Ron Johnson, Jr.
Jefferson LA USA

"Kittens give Morbo gas. In lighter news, the city of New New
York is doomed."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkh1enQACgkQS9HxQb37XmfL7wCfZrv4e5TP7j 8NLPT9VYpEMUv1
zCIAoIH904Sc6cuNb3Km+YEYdYC/FWLS
=HGqO
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 07-10-2008, 06:32 AM
"Mumia W.."
 
Default Sarge, Bind9 (9.2.4-1sarge3) and DNS cache poisoning..

On 07/09/2008 09:52 PM, John Elliot wrote:

Hi,

We have a couple of Sarge servers running bind9(9.2.4-1sarge3) that
appear to be vulnerable to the DNS cache poisoning issue(Looks like
port randomization was only introduced in bind9.3?) - As the servers
cannot be upgraded at this time to etch, what is the recommended
course of action? Backports and upgrade to 9.3?




There is a version of bind 9.3.4 for Sarge in backports.org, but they
don't publish changelogs, so you'll have to research yourself if this
bug has been fixed in their version.



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 07-10-2008, 09:37 AM
"Eugene V. Lyubimkin"
 
Default Sarge, Bind9 (9.2.4-1sarge3) and DNS cache poisoning..

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

John Elliot wrote:
> Hi,
>
> We have a couple of Sarge servers running bind9(9.2.4-1sarge3) that
> appear to be vulnerable to the DNS cache poisoning issue(Looks like port
> randomization was only introduced in bind9.3?) - As the servers cannot
> be upgraded at this time to etch, what is the recommended course of
> action? Backports and upgrade to 9.3?
I remember that DSA gave one or two workarounds...

- --
Eugene V. Lyubimkin aka JackYF, Ukrainian C++ developer.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIddhEchorMMFUmYwRAl6RAKCrvnVNNEC9/2NR/zcdzoUKWQhGnACbBhK5
tITKgtMi0qPVGJRRWEcEgZI=
=phkL
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 08:19 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org