Date: Wed, 28 Feb 2001 07:12:30 +0100 From: "Leif Neland" <leifn@neland.dk> To: <exs@kka.com> Subject: Re: bind attacks Message-ID: <002501c0a14d$75685760$0e00a8c0@neland.dk> References: <004201c0a123$85f495a0$7ccc29d0@thestanfields.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> I've been getting core dumps in bind every other day for the past couple of
> weeks. I took it as no coincidence that the software which had never (not
> once) faulted in a year started going down very often just after the cert
> note came out.
>
> Unfortunately I've not yet had the time to upgrade the servers. What is the
> general impression of the upgrade process from those who've succesfully done
> so? Initially I saw a lot of posts about the new release being very syntax
> specific and a lot of problems resulting thereof. Anything to watch out for
> beyond using the proper syntax in your zone files? All my bind boxes are
> freebsd, of course.
If you just upgrade to 8.2.3-REL, there is no problems.
If you want to upgrade to 9.1, at least one difference is that each zonefile requires a
$TTL nnn
I'm not sure if the line can be anywhere in the file so something like this:
for x in `grep -l ORIGIN *`
do
if grep -v TTL $x
then
echo "\$TTL=28800" >>$x
fi
done
will work.
You could just make bind 9, but not installing it, then running it from the build directory, attach to a different port with option -p and see if it barfs on anything.
Leif
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002501c0a14d$75685760$0e00a8c0>