> From: Larry Vaden
> Date: Sun, Jan 23, 2011 at 8:03 PM
> Subject: sources of bind-9.7.2-P3 rpms for Centos 4.8 and 5.5?
> Our site running Centos 4.8 and 5.5 name servers was hacked with
> the result that www.yahoo.com is now within our /19 and causing
> some grief.
Don't understand what you
On Fri, Feb 18, 2011 at 3:15 PM, Always Learning wrote:
> Don't understand what you mean by 'within our /19'. Have your IP ranges
> changed? If your Bind date is corrupt, why not re-install Centos and
> then restore the domains data from one of your regular backups?
Our network consists of aaa.b
On Fri, Feb 18, 2011 at 4:15 PM, Always Learning wrote:
>> From: Larry Vaden
>> Date: Sun, Jan 23, 2011 at 8:03 PM
>> Subject: sources of bind-9.7.2-P3 rpms for Centos 4.8 and 5.5?
>
>
>> Our site running Centos 4.8 and 5.5 name servers was hacked with
>> the result that www.yahoo.com is now with
>
> Our network consists of aaa.bbb.ccc.0/19. That's CIDR notation for
> 8,192 addresses.
>
But what has that got to do with "www.yahoo.com moved into our /19"
your comment is pretty unclear.
>
> IMHO, fully updated purpose-built servers running 4.8 should have more
> or less the same vulne
On Friday, February 18, 2011 04:15:28 pm Always Learning wrote:
> > From: Larry Vaden
> > Our site running Centos 4.8 and 5.5 name servers was hacked with
> > the result that www.yahoo.com is now within our /19 and causing
> > some grief.
>
> Don't understand what you mean by 'within our /19'.
>
> I think I do; he's an ISP, and apparently someone inside his address block
> (the CIDR notation /19; his actual block is publicly found by doing a quick
> nslookup of his domain name, noting the IP address of the DNS server(s)
> listed, and then a whois of the IP address of the DNS server(s)
On Fri, 2011-02-18 at 18:32 -0500, Lamar Owen wrote:
> On Friday, February 18, 2011 04:15:28 pm Always Learning wrote:
> > Don't understand what you mean by 'within our /19'.
> I think I do; he's an ISP, and apparently someone inside his address block
> ... has hacked in some way the zone file(
On Fri, Feb 18, 2011 at 4:37 PM, James Hogarth wrote:
>
> Your mentor? What do you mean by that?
The same thing Wikipedia says, namely:
a trusted friend, counselor or teacher, usually a more experienced
person. Some professions have "mentoring programs" in which newcomers
are paired with more ex
>
> Joe, Randy and James are my mentors of 15, 5 and 5 years,
> respectively, and all said the same thing, namely "nuke and repave, be
> sure to be current on BIND" since it is a purpose-built box (ns1).
>
Perhaps is it a difference in language and what you mean by mentor and
where I would mean ol
On Fri, Feb 18, 2011 at 7:39 PM, James Hogarth wrote:
>
>> With 20/20 hindsight, it is clear that I shouldn't have posted the
>> original post asking the list for help and hopefully informing other
>> potential targets of the risk (read: there were no responses to the
>> original post, therefore i
On Fri, Feb 18, 2011 at 7:39 PM, James Hogarth wrote:
>>
>> Joe, Randy and James are my mentors of 15, 5 and 5 years,
>> respectively, and all said the same thing, namely "nuke and repave, be
>> sure to be current on BIND" since it is a purpose-built box (ns1).
>
> Perhaps is it a difference in la
>
> Johnny has remarked on the importance of trust.
>
> My trust in RedHat went down when I learned they are not shipping all
> the SRPMs. Some say it is due to human error. If that is the case,
> why should I think they are better at backporting security fixes than
> at making sure a manifest of
> My trust in RedHat went down when I learned they are not shipping all
> the SRPMs. Some say it is due to human error. If that is the case,
> why should I think they are better at backporting security fixes than
> at making sure a manifest of SRPMs is complete and correct?
Centos, SL and oracle
On Sat, Feb 19, 2011 at 6:58 AM, James Hogarth wrote:
>
> For the record an archive of all mails sent to the mailing list
> appears here... in this case in date order.
>
> http://lists.centos.org/pipermail/centos/2011-January/date.html
>
> To give you the benefit of the doubt I search there for yo
On Saturday, February 19, 2011 12:57:40 am Larry Vaden wrote:
> Through this experience,
> starting with a hacked or poisoned name server, or, quite frankly, the
> perception of one, I have learned what people really see.
Having a server hacked is one of the worst things that can happen in IT; no
On Saturday, February 19, 2011 01:51:55 am Larry Vaden wrote:
> My trust in RedHat went down when I learned they are not shipping all
> the SRPMs. Some say it is due to human error. If that is the case,
> why should I think they are better at backporting security fixes than
> at making sure a man
On Sat, Feb 19, 2011 at 9:51 AM, Lamar Owen wrote:
>
> If your server was really hacked, I'd start from scratch, and set the new one
> up more defensively.
THANKS for your input; there exists a consensus, so that's what will
be done (replace 4.8 with 5.x). Troy says Fermi (a great target for
t
On Sat, Feb 19, 2011 at 04:37:57PM -0600, Larry Vaden wrote:
>
> THANKS for your input; there exists a consensus, so that's what will
> be done (replace 4.8 with 5.x). Troy says Fermi (a great target for
> the miscreants/actors) runs stock BIND as it appears in
> RHEL/CentOS/SL, so, to be redund
On Sat, Feb 19, 2011 at 5:07 PM, John R. Dennison wrote:
>
> Just out of curiosity, have you ever thought about hiring a
> competent admin?
Yes.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
19 matches
Mail list logo
