[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-ports
Subject:    Re: Bind 8.2.2-P7 dies
From:       Kai Gallasch <kai.gallasch () ruhr-uni-bochum ! de>
Date:       2001-02-26 17:28:16
[Download RAW message or body]


On 26-Feb-2001 Rickie Kerndt wrote:
>>What you're probably seing is a query for the bind version.  Then, because
>>you're running 8.2.2 and advertising "hack me", you're probably getting hit
>>with buffer overflow code that's crashing your name server.
> 
> Using binds access control features would help. I see bind version 
> queries on a regular basis but these are refused by my access 
> controls. No one has crashed named yet.I've set to allow recursive 
> queries only from the local network and then allow queries from 
> outside only for authoritive zones I wish to make public.

Good idea. I didn't think about blocking query-type "bind version" by
ACLs. :) I only use restrictions concerning *XFR of my zones...
Maybe this will buy me a little time.

It's always the same. Some stupid people crash services and it will
only lead to tighter usage policies. I really didn't bother somebody
stealing a few bytes querying my nameservers - but maybe I have to 
reconsider this..

-K.

[prev in list] [next in list] [prev in thread] [next in thread]