[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-developers] LION WORM
- Subject: Re: [cobalt-developers] LION WORM
- From: "Dave" <dridel@xxxxxx>
- Date: Thu Apr 19 19:27:08 2001
- List-id: Discussion Forum for developers on Cobalt Networks products <cobalt-developers.list.cobalt.com>
Sent: Thursday, April 19, 2001 5:56 AM
Subject: RE: [cobalt-developers] LION WORM
> At 08:24 19/04/01 +0100, Jamie Rossi wrote:
> >We were hacked this week on a RAQ3, and our Hosting provider (one of the
> >worlds largest gave us the following response.
>
>===========================================================================
=
>
> My box runs
>
> named 8.2.3-REL Tue Jan 30 16:56:25 PST 2001
> ^Iadmin@xxxxxxxxxxxxxxxxxx:/home/redhat/BUILD/bind-8.2.3/src/bin/named
>
> and that was a cobalt update .pkg
>
> Barry
I'm no guru that's for sure! In watching this list for a few months now,
there were numerous posts regarding the BIND update not working. A few
people mentioned they had upgraded BIND with a new patch and yet it still
showed as the old/vulnerable BIND. I have no idea who, what, where, when or
how but I just want to remind everyone to VERIFY the patches are working.
In this case 'ndc status' will show the current named version as others have
shown. Also, rpm -q [package] will tell you which version of a particular
package is currently working. Example: rpm -q proftpd (will show you the
current running version of proFTP) or rpm -q bind ! I highly suggest
getting a linux book that has all the commands. If you get advice from
someone regarding a problem, it's always nice to refer to that section of
the book to learn more about the COMMAND and all switches and options.
Always VERIFY the updates have taken and thanks to the people here that
drilled that into my head!
D~