On Mon, Mar 26, 2001 at 10:58:04AM -0400, joakley@solutioninc.com wrote:
If you're running a bind earlier than 8.2.3 (final, not beta) then upgrade. I've seen six systems compromised over the past few weeks, despite our proactive bind upgrading. It's funny how Red Hat doesn't support 6.1 anymore, I had to make my own RPM. Having hundreds of servers installed all over the world, some of them inaccessible (moving demos) is a pain...
For any servers that are compromised: reinstall from scratch. I'm serious. There is no other way to guarantee that a system is clean. We're recreating hard drives here and sending them out.
SuSE 7.1 already has 8.2.1, and is *not* vulnerable. I'm really happy with SuSE's security efforts. I'm not sure about earlier versions, but the RPMs are already available.
Erm, isn't 8.2.1 earlier than 8.2.3, and therefore at risk?

Can I assume that as:
 o My network connects to the net via a firewall
 o The only incoming connections that are allowed through the firewall are SSH and SMTP
 o All other ports are denied by the firewall
that my otherwise vulnerable Bind server is not at risk? It's not running on the firewall box.

I know I should probably upgrade anyway, but I'm intending to go to 7.1 or 7.2 soon, so I can't really be bothered - it's only my own personal network at home, so security isn't as important to me as it would be if it were a company network.

-- 
David Smith            Tel: +44 (0)1454 462380 (direct)
STMicroelectronics     Fax: +44 (0)1454 617910
1000 Aztec West        TINA (ST only): (065) 2380
Almondsbury            Home: 01454 616963
BRISTOL                Mobile: 07932 642724
BS32 4SQ
Work Email: Dave.Smith@st.com
Home Email: David.Smith@ds-electronics.co.uk