Date: Thu, 11 Nov 1999 23:24:16 +0000 From: Adam Laurie <adam@algroup.co.uk> To: agifford@infowest.com Cc: security@FreeBSD.ORG Subject: Re: BIND NXT Bug Vulnerability Message-ID: <382B5020.396D9FCC@algroup.co.uk> References: <19991111213301.D44DE20F66@infowest.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"Aaron D. Gifford" wrote: > > Hmmm, looking at the ISC BIND web site page regarding versions and > the various newly discovered problems that affect them, it appears > that 8.1.2 is vulnerable to only 5 of the 6 new problems, but NOT > the NXT bug. > > A few fun things I discovered when upgrading from 8.1.2 to 8.2.2-P3 > include: > > The new version no longer supports "allow-query" sections in the > "hint" zone type. The old 8.1.2 happily accepted them without > complaint. When I restarted with the new version, this caused > my "." zone hits file to be rejected, so all queries to the outside > world stopped dead in the water until I removed that section. > > As was already mentioned in this thread, BIND's default installation > and startup location for the named.conf file is /etc/named.conf > while FreeBSD's is /etc/namedb/named.conf -- a quick symlink fixes > that too. A most timely bit of info... Wish I'd read this a couple of hours ago! :) FYI, allow-transfer causes the same problem. cheers, Adam -- Adam Laurie Tel: +44 (181) 742 0755 A.L. Digital Ltd. Fax: +44 (181) 742 5995 Voysey House Barley Mow Passage http://www.aldigital.co.uk London W4 4GB mailto:adam@algroup.co.uk UNITED KINGDOM PGP key on keyservers To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?382B5020.396D9FCC>