MAJOR SECURITY HOLE IN BIND!!

Dan Foster dsf at gblx.net
Mon Mar 27 08:46:05 EST 2000


Hot Diggety! Brian was rumored to have wrote:
>
> 	It looks like there is a vulnerability in bind that allows a
> malicious user to gain root access through bind by exploiting something
> called the "NXT" bug...Artifacts of this break-in are the empty folder
> ADMROCKS in /var/named....

Actually, this has been known for some months now :) Stuff like this is
why the ISC put out the latest version of BIND being 8.2.2-P5. Publicly known
since November 10, 1999.

> 	All users should upgrade their BIND to the latest version to
> avoid the hassle and frustration that I will/have gone through...

Agreed. I'm sorry you went through that nasty experience.

That said, part of the responsibility of running daemons that make services
accessible to the internet - be it X, lpd, mountd, sendmail, named, etc. -
one simply has to keep up with security patches by periodically re-checking
for them or subscribing to security mailing lists. A bothersome responsibility,
but unavoidable in today's age of cyber-scumbags.

Also, a firewall will help a lot if properly configured, but can still be
tricked under certain circumstances - so it's only one of multiple avenues
for attacking the problem of cyber-scumbags; securing all applications and
systems on the internal network counts, too.

You might want to also look into using Abacus's PortSentry (freeware) to
actually *monitor* for possible attacks - it can then immediately fire off
mail, page someone, add host to ipchains blacklist, etc. Very nice stuff.

http://www.psionic.com/

*topic change*

My apologies for the absence of linuxppc content, except to say that I hope
to be trying out the LinuxPPC 2000 stuff soon. The installer alone is exactly
what I expected from LinuxPPC 1999 :) In fact, from what I've heard about
the new installer...I think it'll help encourage some more people that I
know to give it a shot since the pdisk stuff *really* scared them off - not
to mention heavy swapping+slow startup for X (for the install stuff).

I don't have the in-depth knowledge needed to contribute to the dev stuff
here, but have been reading the PCI and X stuff lately with much interest.

-Dan

** Sent via the linuxppc-dev mail list. See http://lists.linuxppc.org/
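
A check a name server administrator could run for the two things this thread mentions, the ADMROCKS directory under named's directory and a BIND release older than 8.2.2-P5. This is an added example, not part of the original message; the function names are hypothetical, and the version string is assumed to be supplied by the caller in the form N.N.N[-PN].

```shell
#!/bin/sh
FIXED_VERSION="8.2.2-P5"   # release named in the message above

# "8.2.2-P5" -> "8 2 2 5"; no -P suffix counts as patch level 0.
# Assumes the form N.N.N[-PN]; anything else returns 2.
split_version() {
    case $1 in
        *-P*) patch=${1##*-P}; base=${1%%-P*} ;;
        *)    patch=0;         base=$1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $base; IFS=$old_ifs
    case "${1:-0}${2:-0}${3:-0}$patch" in *[!0-9]*) return 2 ;; esac
    echo "${1:-0} ${2:-0} ${3:-0} ${patch:-0}"
}

# Exit 0 if $1 is older than $2, 1 if not, 2 if either is unparseable.
version_older() {
    a=$(split_version "$1") || return 2
    b=$(split_version "$2") || return 2
    set -- $a $b    # $1-$4: first version, $5-$8: second version
    if [ "$1" -ne "$5" ]; then [ "$1" -lt "$5" ]; return; fi
    if [ "$2" -ne "$6" ]; then [ "$2" -lt "$6" ]; return; fi
    if [ "$3" -ne "$7" ]; then [ "$3" -lt "$7" ]; return; fi
    [ "$4" -lt "$8" ]
}

# Exit 0 if an ADMROCKS directory sits directly under named's directory $1.
has_admrocks() { [ -d "$1/ADMROCKS" ]; }

# Print findings for directory $1 and version string $2; exit 1 on any finding.
audit_named() {
    status=0 rc=0
    if has_admrocks "$1"; then
        echo "FOUND: $1/ADMROCKS (artifact reported in the thread)"; status=1
    fi
    version_older "$2" "$FIXED_VERSION" || rc=$?
    case $rc in
        0) echo "OUTDATED: BIND $2 is older than $FIXED_VERSION"; status=1 ;;
        2) echo "UNKNOWN: cannot parse version '$2'"; status=1 ;;
    esac
    return "$status"
}

# Demo on a constructed directory tree, not a real server.
demo=$(mktemp -d)
mkdir "$demo/ADMROCKS"
audit_named "$demo" "8.2.1" || echo "action needed"
rm -rf "$demo"
```

On a real host the first argument would be named's working directory (/var/named in the report quoted above).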




