[plug] incase anyone wasnt aware..CERT advisory [ BIND ]

Bret Busby bret at clearsol.iinet.net.au
Tue Nov 14 13:50:56 WST 2000


Christian wrote:
> 
> On Tue, Nov 14, 2000 at 11:12:10AM +0800, Desiree wrote:
> 
> > CERT Advisory CA-2000-20 Mulitple Denial-of-Service Problems in ISC BIND
> 
> There are new security bugs announced several times daily so I'm not
> sure that we need to post them to this list (unless it's very
> specifically on topic with regards to a current or recent discussion).

A couple of points:

A while ago, from memory, I raised a similar issue on the mailing list
(a CERT warning about BIND).

At that time, from memory, advice was given that no-one using Linux,
should be using BIND, unless it was absolutely necessary, and, that
people should check whether BIND was running on their systems, and, if
so, unless they were running DNS servers, or something, they should
immediately disable BIND, as BIND itself posed a ecurity risk, unless
using it was absolutely necessary, and, the latest version, with the
most recent security patches, was being used.

Perhaps, Christian, as the security person, you could briefly go over
the associated issues regarding BIND, again, for the sake of Desiree,
and, any new people, who may have BIND running, unwittingly?

Perhaps, that could be a good solution?

What do you think, Christian?

(Obviously, others with security experience, will have similar advice,
but, as Christian responded, perhaps, he could advise regarding the
needless use of BIND)

-- 

Bret Busby

......................................
"So once you do know what the question actually is, you'll know what the
answer means."
 - Deep Thought, Chapter 28 of The Hitchhiker's Guide to the Galaxy
 - Douglas Adams, 1988 
......................................



More information about the plug mailing list