However, there are no release notes on ISC's web site,
and their vulnerabilities page lists no known security
flaws in Bind 8.2.3.
But the paranoid part of me does wonder :-)
(And I haven't the time to do the diffs to see what's
changed.)
Cheers,
Phil
---------------------------------------------
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
> -----Original Message-----
> From: Daniel Roesen [mailto:dr@bofh.de]
> Sent: 05 June 2001 11:14
> To: linux-kernel@vger.kernel.org
> Subject: Re: TRG vger.timpanogas.org hacked
>
>
> On Tue, Jun 05, 2001 at 08:05:34AM +0100, Alan Cox wrote:
> > > is curious as to how these folks did this. They
> exploited BIND 8.2.3
> > > to get in and logs indicated that someone was using a
> "back door" in
> >
> > Bind runs as root.
>
> Not if set up properly. And there is no known hole in BIND 8.2.3-REL
> so I'm wondering how Jeff found out that the intruder got in via BIND.
> -
> To unsubscribe from this list: send the line "unsubscribe
> linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/