RE: TRG vger.timpanogas.org hacked

Randal, Phil (prandal@herefordshire.gov.uk)
Tue, 5 Jun 2001 11:33:57 +0100


Bind 8.2.4 was released on May 17th, with the standard
comment "BIND 8.2.4 is the latest version of ISC BIND 8.
We strongly recommend that you upgrade to BIND 9.1 or, if
that is not immediately possible, to BIND 8.2.4 due to
certain security vulnerabilities in previous versions."

However, there are no release notes on ISC's web site,
and their vulnerabilities page lists no known security
flaws in Bind 8.2.3.

But the paranoid part of me does wonder :-)

(And I haven't the time to do the diffs to see what's
changed.)

Cheers,

Phil

---------------------------------------------
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK

> -----Original Message-----
> From: Daniel Roesen [mailto:dr@bofh.de]
> Sent: 05 June 2001 11:14
> To: linux-kernel@vger.kernel.org
> Subject: Re: TRG vger.timpanogas.org hacked
>
>
> On Tue, Jun 05, 2001 at 08:05:34AM +0100, Alan Cox wrote:
> > > is curious as to how these folks did this. They
> exploited BIND 8.2.3
> > > to get in and logs indicated that someone was using a
> "back door" in
> >
> > Bind runs as root.
>
> Not if set up properly. And there is no known hole in BIND 8.2.3-REL
> so I'm wondering how Jeff found out that the intruder got in via BIND.
> -
> To unsubscribe from this list: send the line "unsubscribe
> linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/