OK ... This is more clear for me ... thanks.
How to you put this extension in /etc/named.boot ?
>-----Original Message-----
>From: Bryan Andregg [mailto:[EMAIL PROTECTED]]
>Sent: Tuesday, May 19, 1998 3:25 PM
>To: [EMAIL PROTECTED]
>Cc: [EMAIL PROTECTED]
>Subject: Re: BIND 4.9.6-7 security hole
>
>
>On Tue, 19 May 1998 15:09:33 +0200, "Cedric MARSOT" wrote:
>>ok, can you test this program ? Because I effectively think that the last
>>version of bind is secure, but when I test this program on a FreeBsd Unix,
>>before and after the patch, there is a difference. After the Freebsd is
>>unsecure, after the patch, it is not vulnerable ...
>>
>
>In addition to patching the server against the fake-iquery attack I would
>assume that FreeBSD compiled with this option's default changed
>from on to off.
>
>>This program has been posted to a security mailing list.
>>>So, in a nutshell, this program will tell you if the remote host has
>>>their fake-iquery option turned on.
>
>As I said, all it checks for is whether this option is turned on
>or not. In
>patched servers it doesn't matter one way or another.
>
>This program is used to find servers that have the fake-iquery
>option turned
>on, either by default or through an option setting in
>/etc/named.(boot|conf).
>Once an attacker knows that it is turned on, there is no way, other than
>trying more attacks, to find out whether or not the server has
>been patched
>against this.
>
>This is not an exploit, it is a probe.
>--
> Bryan C. Andregg * <[EMAIL PROTECTED]> * Red Hat Software
>
>"Hey, wait a minute, you clowns are on dope!"
> -- Owen Cheese in 'Shakes the Clown'
>
>
>
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.
