> >>> On 8/9/2007 at 10:07 PM, Mark Andrews <[EMAIL PROTECTED]> wrote:
>
> > In article <[EMAIL PROTECTED]> you write:
> >>
> >> I suspect that the origin of the myth that DNS/TCP is more
> >> dangerous than DNS/UDP is that the first root expliot of
> >> named was over TCP not UDP. There were later exploits that
> >> were UDP only which totally busted the myth but it continues
> >> to live.
> >>
> >> Mark
> >
> > Just to make it clear. This was BIND 4/8 code and the bugs
> > were addressed in the last millennia.
> >
> > To date there are no known root exploits for BIND 9.
>
> Because who runs BIND as root anymore?
Lots of people. It's the only way you can handle some
events.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED]
