Date: Mon, 14 May 2001 20:01:40 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Ted Mittelstaedt <tedm@toybox.placo.com> Cc: Kris Kennaway <kris@obsecurity.org>, John Baxter <jbaxter@mmcable.com>, "Dan Mahoney, System Admin" <danm@prime.gushi.org>, questions@FreeBSD.ORG Subject: Re: onitoring named Message-ID: <20010514200140.A93481@xor.obsecurity.org> In-Reply-To: <001201c0dce7$821145a0$1401a8c0@tedm.placo.com>; from tedm@toybox.placo.com on Mon, May 14, 2001 at 07:34:04PM -0700 References: <20010514025811.A32800@xor.obsecurity.org> <001201c0dce7$821145a0$1401a8c0@tedm.placo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--J/dobhs11T7y2rNN Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, May 14, 2001 at 07:34:04PM -0700, Ted Mittelstaedt wrote: > I'm not sure if your agreeing that this is the most commonly given answer, > or your stating that most nameserver problems are a result of crack > attempts. Both: >95% of the reported problems with named crashes on FreeBSD lists in the past 4 months have been penetration attempts, or at least occurred to people running vulnerable versions of named with symptoms perfectly consistent to being attacked. Therefore this is the best initial diagnosis for people reporting problems with their named, until they go further and rule it out by indicating that they're already running 8.2.3-REL or a version of 9.x. At that point more detailed analysis is obviously required (which perhaps might be better carried out on the bind support mailing lists). > Maybe we ought to tell the next person who complains that their > nameserver is crashing, that this means their ram is bad and to go > replace it all. ;-) Well, that's also a possible explanation, but not the most likely one. Kris --J/dobhs11T7y2rNN Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.5 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7AJwTWry0BWjoQKURAi6kAJ44knTii3iu/7ddD97fbo39ENTbZQCg7KQc yitCQXpuThP67TuE1QNx38U= =bAMJ -----END PGP SIGNATURE----- --J/dobhs11T7y2rNN-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010514200140.A93481>