> >>> On 8/9/2007 at 10:07 PM, Mark Andrews <[EMAIL PROTECTED]> wrote:
> 
> > In article <[EMAIL PROTECTED]> you write:
> >>
> >>    I suspect that the origin of the myth that DNS/TCP is more
> >>    dangerous than DNS/UDP is that the first root expliot of
> >>    named was over TCP not UDP.  There were later exploits that
> >>    were UDP only which totally busted the myth but it continues
> >>    to live.
> >>
> >>    Mark
> > 
> >     Just to make it clear.  This was BIND 4/8 code and the bugs
> >     were addressed in the last millennia.
> > 
> >     To date there are no known root exploits for BIND 9.
> 
> Because who runs BIND as root anymore?

        Lots of people.  It's the only way you can handle some
        events.

        Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: [EMAIL PROTECTED]

Reply via email to