Date: Thu, 27 Jun 2002 11:18:50 +1000 From: Mark.Andrews@isc.org To: Brett Glass <brett@lariat.org> Cc: security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:28.resolv Message-ID: <200206270118.g5R1Iom0030235@drugs.dv.isc.org> In-Reply-To: Your message of "Wed, 26 Jun 2002 18:55:37 CST." <4.3.2.7.2.20020626185228.00e8ad60@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
> At 06:12 PM 6/26/2002, Mark.Andrews@isc.org wrote: > > > Provided you are behind a nameserver you trust that reconstructs > > the answer you should be fine. > > > > BIND 9 reconstucts all answers (excluding forwarded UPDATES). > > BIND 8 forwards some and reconstructs others. > > Could an exploit be set up as a forwarded UPDATE? No. > (Forgive me if > this is a naive question; I know that I need to become more familiar > with DDNS.) If not, then installing BIND 9 and/or forcing clients > to consult a BIND 9 server may be an acceptable workaround. > > --Brett > -- Mark Andrews, Internet Software Consortium 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews@isc.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200206270118.g5R1Iom0030235>