[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: More Re: [cobalt-developers] Fwd: CERT Advisory CA-2002-15 Denial-of-Service Vulnerabilityin ISC BIND 9
- Subject: Re: More Re: [cobalt-developers] Fwd: CERT Advisory CA-2002-15 Denial-of-Service Vulnerabilityin ISC BIND 9
- From: Bulent Tatlidil <btatlidil@xxxxxxxxxxxxxxx>
- Date: Tue Jun 11 00:53:01 2002
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
on Wed 05 Jun 2002 19:07 ,you wrote:
++"E.B. Dreger" wrote:
++
++> I disagree. Someone could DoS it once every five seconds.
++
++My point was that the secondary would still be running; yes I suppose I
++overlooked the fact that you could be DoSsed on both primary and
++secondary servers, but our servers aren't vulnerable.
++
++> Run non-vulnerable software.
++
++We do run a non-vulnerable (to this exploit anyway <wry grin>) version
++of Bind, as does everyone else running stock or close-to-stock RaQs
++through at leat RaQ4; I don't know about the RaQ XTR or the 550.
++
++Is there a DNS server for linux you like better?
try , djbDNS http://cr.yp.to/djbdns.html
" The djbdns security guarantee
I offer $500 to the first person
to publicly report a verifiable security hole in the latest version of
djbdns. " from D.J.Berstein autho of djbDNS :)