-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 11/17/2011 08:31, Albert Thiel wrote: > I have been hearing that since last night DNS 0-day exploitation is > taking place all over the net.
I dislike the term "0-day" because it means different things to different people. What is true is that a large number of BIND recursive name servers have been crashing with the same error messages, which seems to be the result of an active and heretofore unknown exploit. https://www.isc.org/software/bind/advisories/cve-2011-4313 > ISC mentions recursion. Is this vulnerability only on DNS that > allows recursive queries? (if so mine is safe thankfully). At this time it appears true that authoritative-only servers are not vulnerable. > Is there a patch to the BSD flavor of BIND expected to address > this? The ports, 10-current, stable/8 and stable/7 were all updated yesterday shortly after ISC publicly released the code. hth, Doug - -- "We could put the whole Internet into a book." "Too practical." Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iQEcBAEBCAAGBQJOxXqiAAoJEFzGhvEaGryElTgH/A1c38kgpXaRhl2W9v/PBgvz 1fI8pZP49eh9aw7pWfMEvWh/UwkL4CNQUhFoG+XMIbHLtQbH1412w/CrVuGQJ2bN H7a1fm07K3I8FiP5yO5v8fOiSjEQV1nmP5GPrFUTZxvh4Xeh6gWzGxCL/HVL2CK+ uPzgLv5oCfxYEdySFUyvJXRgcUBBg3efuR3LyhxpSjWhBC/FpbgxG2GS2dyfk/FP nT4XxTg/0y4n96dfryskmLAT1j+cuoxyqFNp5goiz9Nl0/AisPIZ6kDVJD1wKtlP QnkEAPHgowzeKKDFK2dkrmOszSHxGAdUki3D+iFxwEOn7lFgcPC6hDEgT6Y4oPw= =IxSX -----END PGP SIGNATURE----- _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[email protected]"
