Kevin,

At first I assumed an exploit. After looking at the version of BIND I was using, which was a beta, I noticed that there was some talk of the beta version crashing and the solution was to go to P1. Looking back on it, I did an emergency upgrade to the beta because of the Kaminsky problem. Since both our name servers are chrooted and have never given us any issues, I slowly forgot about the fact that I was using the beta version. Remember, not until today has the version given me any issues.

As far as getting away with the version, I looked at the ISC site and noticed that BIND 9.4.3-P5 doesn't seem to have any known issues. Since I'm running BIND on an older server, CentOS 4.8 with one gig of RAM, I decided to compile 9.4.3-P5 instead of the newer version because some of my libs/etc might be older and therefore not supported by the latest release. I need to get these name servers up and running and stable fast.

-----Original Message-----
From: bind-users-bounces+pamaral=meganet....@lists.isc.org [mailto:bind-users-bounces+pamaral=meganet....@lists.isc.org] On Behalf Of Kevin Darcy
Sent: Monday, May 10, 2010 12:25 PM
To: bind-users@lists.isc.org
Subject: Re: KAMINSKY vulnerability !!

A) Why do you assume an exploit at all? Hopefully you understand that the vast majority of software crashes in the world are triggered by benign transactions.

B) From the www.isc.org website:

"BIND 9.4-ESV-R1 is now available. BIND 9.4-ESV-R1 is revision 1 of the extended release version for BIND 9.4. It is recommended that all BIND 9.4.x users upgrade to BIND 9.4-ESV-R1."

If you have to upgrade anyway, but you're going to stick with 9.4.x, why would you try to "get away with" running something older and less-recommended in that generation of BIND 9 than 9.4-ESV-R1?

- Kevin

On 5/10/2010 10:58 AM, P.A wrote:
> Stephane, do you think I can get away with running 9.4.3-P5 that doesn't
> seem to have any known issues. Also what exploit do you think caused my
> original issue?
>
> As far as running an old version it's been stable for a long time and to be
> honest I forgot I was running that version.
>
> -----Original Message-----
> From: Stephane Bortzmeyer [mailto:bortzme...@nic.fr]
> Sent: Monday, May 10, 2010 10:24 AM
> To: P.A
> Cc: bind-users@lists.isc.org
> Subject: Re: KAMINSKY vulnerability !!
>
> On Mon, May 10, 2010 at 10:05:47AM -0400,
> P.A <ra...@meganet.net> wrote
> a message of 242 lines which said:
>
>> My question is did I just get rid by the kaminsky vulnerability?
>
> Not at all. The Kaminsky attack poisons the server, it does not crash
> it.
>
>> Primary server: BIND 9.4.3b2
>
> Why do you run a beta version (and an old one)?
>
> This issue is known
> <http://www.mail-archive.com/bind-us...@isc.org/msg00323.html> and has
> been fixed in production versions a long time ago.
>
> _______________________________________________
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users