[vox-tech] [fwd] BIND 9 denial of service exploit

Bill Kendrick nbs at sonic.net
Thu Jul 30 19:38:00 PDT 2009


Fwd of a fwd of a fwd:

-bill!

----- Forwarded message from Graham Freeman -----

Date: Thu, 30 Jul 2009 17:57:45 -0700
From: Graham Freeman
Subject: [Cernio Colo] Fwd: [bitfolk] BIND 9 denial of service exploit

Hey, folks,

Good info from Andy Smith re protecting against BIND9 exploits.

-G


Begin forwarded message:

> From: Andy Smith
> Date: 30 July, 2009 03:22:48 PDT (CA)
> Subject: Re: [bitfolk] BIND 9 denial of service exploit
>
> Hello,
>
> On Thu, Jul 30, 2009 at 12:09:31AM +0100, Jan Henkins wrote:
>> Andy Smith wrote:
>>> If you're running BIND 9 you'll want to upgrade because of:
>>>
>>> https://www.isc.org/node/474
>>>
>>
>> Thanks! Those running Lenny and the latest Ubuntu should be OK,  
>> although
>> it seems Etch is running behind (no updated debs available tonight,
>> could be tomorrow). RedHat/CentOS/Fedora people, here is what looks  
>> to
>> be a useful link (could not test it, not running any of these in
>> production):
>>
>> *http://tinyurl.com/6y4rb9*
>
> For those who are unable to upgrade, you can firewall off dynamic
> update packets like so:
>
> iptables -A INPUT -p udp --dport 53 -j DROP -m u32 --u32  
> '30>>27&0xF=5'
>
> Cheers,
> Andy
>
> -- 
> http://bitfolk.com/ -- No-nonsense VPS hosting
>
> "I am the permanent milk monitor of all hobbies!" -- Simon Quinlank

----- End forwarded message -----

-- 
-bill!
Sent from my computer


More information about the vox-tech mailing list