torsdagen den 14 november 2002 08.53 skrev Vincent Danen: > On Wednesday, November 13, 2002, at 08:21 PM, Oden Eriksson wrote: > > [...] > > > * Wed Nov 13 2002 Oden Eriksson <[EMAIL PROTECTED]> > > 8.3.3-3mdk > > - security fix for multiple flaws in the code (P10) possible addresses; > > CAN-2002-1219, CAN-2002-1220 and CAN-2002-1221, this is something > > for mandrakesecurity to sort out on paid workingtime ;) > > Will be out tomorrow. > > > - updated S6 to _show_ a fake version to fool the script kiddies even > > more, root should change this later to maybe 9.2.2? > > updated root cache file from internic > > Why? They're not going to scan for a version before trying to exploit. > They're just going to hammer every DNS server they can find. I've > said it before a million times but, let's make it a million and one: > Security through obscurity is no security at all.
Yeah, but I didn't take notice before, but thanks anyway. I had to do something... > Anyways, bind8 is only in 7.2 and SNF7.2... 8.0+ install bind9 by > default. I'm actually impressed that bind9 isn't affected by any of > this, but it sure makes it easy to support. Why are you still using > bind8 (I'm assuming you're not using a 7.2 box since this is on cooker). There are people refusing to upgrade, and my bind-chroot packages are for them. But anyway after a couple of hours fiddling with the conf files I was able to run one of my clients 2000+ hosts zone files under 9.2.1, so I will recommend them to upgrade. > Actually, the real question, is why are you still using bind at all? > ISC screwed the pooch on this one big time... I wouldn't touch bind > after this mess with a 10 foot pole. Because I do not trust tinydns to do the job. I know a guy that has been working several years with the dot se top domain..., and I do take his word for it... Well..., here's what I plan to do; Implement DLZ for latest bind. Packages built with MySQL support here: (conditional build, but with mysql enabled in the spec file) http://d-srv.com/Cooker/RPMS/bind-9.2.2-0.rc1.2mdk.i586.rpm http://d-srv.com/Cooker/RPMS/bind-devel-9.2.2-0.rc1.2mdk.i586.rpm http://d-srv.com/Cooker/RPMS/bind-utils-9.2.2-0.rc1.2mdk.i586.rpm http://d-srv.com/Cooker/SRPMS/bind-9.2.2-0.rc1.2mdk.src.rpm Hmm..., I better hurry up now pack my bags instead of RPM:s ;)..., I'm bound for London in two hours. Chears -- Regards // Oden Eriksson, Deserve-IT Networks Check the "Modules For Apache2" status page at: http://www.deserve-it.com/modules_for_apache2.html