i think one of our machines got nailed just This morning with a
suspected named exploit....
i can post any info that ive found if anyone would like to examine it,
im still sifting through it myself.
Time to Wipe the disk
Rob
----- Original Message -----
From: "Karl J. Runge" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, February 19, 2001 7:50 PM
Subject: Heads up for named?
> Hi,
>
> This may be a false alarm, but in the past few days I've had a lot
of
> people jiggling the port 53 (DNS) doorknob on my firewall. About as
many
> in the last 4 days as I had in the previous 4 months...
>
> Makes me think the script kiddies have a exploit toy for the
BIND/named
> vulnerability discussed at:
http://www.cert.org/advisories/CA-2001-02.html
> and http://www.isc.org
>
> So... if you haven't updated your externally visible named(8) yet,
> now might be a good time.
>
> Karl
>
> **********************************************************
> To unsubscribe from this list, send mail to
> [EMAIL PROTECTED] with the following text in the
> *body* (*not* the subject line) of the letter:
> unsubscribe gnhlug
> **********************************************************
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
