From owner-freebsd-questions Wed Apr 11 23:18: 1 2001 Delivered-To: freebsd-questions@freebsd.org Received: from q.closedsrc.org (ip233.gte15.rb1.bel.nwlink.com [209.20.244.233]) by hub.freebsd.org (Postfix) with ESMTP id CAD7D37B43E for ; Wed, 11 Apr 2001 23:17:56 -0700 (PDT) (envelope-from lplist@closedsrc.org) Received: by q.closedsrc.org (Postfix, from userid 1003) id 5BDAC55407; Wed, 11 Apr 2001 23:13:24 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by q.closedsrc.org (Postfix) with ESMTP id 4A36151610; Wed, 11 Apr 2001 23:13:24 -0700 (PDT) Date: Wed, 11 Apr 2001 23:13:24 -0700 (PDT) From: Linh Pham To: Chris Angell Cc: Subject: Re: DNS Question In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 2001-04-11, Chris Angell scribbled: # Apr 11 21:38:03 named[49549]: XX /211.219.153.124/version.bind/TXT/CHAOS If you run nslookup with: set type=txt set class=chaos version.bind on most DNS servers running BIND, it will return the release/version string. So you are getting a lot of people who are trying to see which version of BIND you are running and try to hack it if it's a version that has vulnerabilities. Which version of BIND are you running? If you are running BIND 8.2.3-Txx, then you should upgrade to at least 8.2.3-REL. BIND 9.1.x-REL is recommended since it has dropped quite a bit of the legacy (and buggy) BIND code. BIND 8 and BIND 9 are available from Ports... just make sure that you cvsup/sync up your ports collection before building from your current ports collection. -- Linh Pham [lplist@closedsrc.org] // 404b - Brain not found To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message