[MLUG] RE: (MLUG) DNS?

["Deterding, Brent D" <EMAIL:PROTECTED>]

I used to find BIND 4 server on campus. Running 9 you're not at a
horrible risk - right now. 

-----Original Message-----
From: "Rick Buford" [mailto:EMAIL:PROTECTED]
Sent: Tuesday, July 10, 2001 9:35 AM
To: "'MLUG'" 
Subject: RE: (MLUG) DNS?


k...now I'm nervous, since I just put up 2 production servers, both
running
nameservers. I thought BIND9 was supposed to be bug-free (at the moment)

Rick
Cow's are vegitarian thus eating burgers are vegitarian cause cow's are
just
the delivery method for the salads they eat

-----Original Message-----
From: EMAIL:PROTECTED
[mailto:EMAIL:PROTECTED]On Behalf Of Neil Bradshaw
Sent: Thursday, July 05, 2001 5:45 PM
To: EMAIL:PROTECTED
Subject: RE: [MLUG] DNS?


Remember the Lion worm? Ouch.

Remember the old MLUG server? It got h4x0r3d.

BIND is number one, last time I checked, on the SANS/CERT top ten
security
risk list. The MLUG server was compromised via BIND shortly over a year
ago. The Lion worm also ravaged systems vulnerable to BIND. In addition
to
that, people without proper training tend to do really stupid things
that
cause huge security risks, like allowing zone transfers between
completely
separate networks. It's nice to be a script kidde with an entire list of
IP addresses and hostnames (sometimes with OS types) for an entire
domain.

I hear DBJDNS or whatever it's called is better, but I've been too busy
to
try it.

Regards,
Neil Bradshaw
"No soup for you, COME BACK TOMMORROW!"

IATS/MU: EMAIL:PROTECTED
Personal: EMAIL:PROTECTED
Web: http://web.missouri.edu/~npba45/


--
To manage your subscription, go to
http://mlug.missouri.edu/members/edit.php

Archives are available at http://mlug.missouri.edu/list-archives/
--
To manage your subscription, go to
http://mlug.missouri.edu/members/edit.php

Archives are available at http://mlug.missouri.edu/list-archives/
--
To manage your subscription, go to http://mlug.missouri.edu/members/edit.php

Archives are available at http://mlug.missouri.edu/list-archives/