[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netbsd-tech-security
Subject:    BIND9 is an effective "filter" on resolver overflow (fwd)
From:       Darren Reed <avalon () coombs ! anu ! edu ! au>
Date:       2002-06-27 0:22:51
[Download RAW message or body]

Forwarded message:
> To: Brett Glass <brett@lariat.org>
> Cc: security@FreeBSD.ORG
> From: Mark.Andrews@isc.org
> Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:28.resolv 
> Date: Thu, 27 Jun 2002 10:12:08 +1000
> 
> 
> > Aaargh. This will affect not only more recent systems but
> > the older 3.x and embedded systems I maintain for people.
> > There's no patch for these, and in the case of the embedded
> > systems that use BSD I can't upgrade.
> > 
> > Any word on whether one can detect and block such attacks
> > upstream via an IDS or a proxy at the firewall?
> > 
> > --Brett Glass
> 
> 	Provided you are behind a nameserver you trust that reconstructs
> 	the answer you should be fine.
> 
> 	BIND 9 reconstucts all answers (excluding forwarded UPDATES).
> 	BIND 8 forwards some and reconstructs others.
> 
> 	Mark
> > 
> > At 01:08 PM 6/26/2002, FreeBSD Security Advisories wrote:
> >   
> > >-----BEGIN PGP SIGNED MESSAGE-----
> > >
> > >============================================================================
> > =
> > >FreeBSD-SA-02:28.resolv                                     Security Advisor
[...]
[prev in list] [next in list] [prev in thread] [next in thread]