Re: /var partition overflow (due to spyware?) in FreeBSD default install

From: Brett Glass (brett_at_lariat.org)
Date: 10/24/03

  • Next message: Jim Hatfield: "Re: IPSec VPNs: to gif or not to gif" 
    Date: Thu, 23 Oct 2003 22:18:35 -0600
To: "David G. Andersen" <danderse@cs.utah.edu>, Garance A Drosihn <drosih@rpi.edu>

    At 08:46 PM 10/23/2003, David G. Andersen wrote:

    >the problem is very obviously an excess of messages from bind.
    >This bug report should go to the ISC folks.

    Indeed. Or perhaps we can integrate a patch into FreeBSD and
    then forward it up to ISC.

    >No daemon should
    >be spewing out log messages at the _incredible_ rate that
    >bind does when it decides it doesn't like what it's getting
    >in this context. The same bug can be triggered by using a
    >forwarding nameserver that bind doesn't like.

    Interesting. What does BIND "not like" about certain forwarders?

    >The immediate question to ask is, "is this fixed in bind9?"

    That's only the immediate question if FreeBSD moves to BIND 9.
    Otherwise, the question (at least in this forum) is, how does
    FreeBSD patch it until or unless it goes to BIND 9?

    --Brett

    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

  • Next message: Jim Hatfield: "Re: IPSec VPNs: to gif or not to gif"

    Relevant Pages

    • Future plans for BIND versions in the base, and DNSSEC readiness
      ... FreeBSD, list my plans for the future, and solicit comments from the ... In the past release policies for both FreeBSD and BIND have been ... ISC's policy on Extended Support Versions at ... The upcoming DNSSEC signing of the root zone will ...
      (freebsd-arch)
    • Re: [OT] Q: what would you choose for a VCS today
      ... FreeBSD as base that would allow better teams cooperation and easy code ... control fly out the window from, say, the 42nd floor. ... If you think you need a vendor branch, take a look at mercurial patch ... Patch queues are quite powerful, and even though you end up versioning ...
      (freebsd-hackers)
    • RE: For the love of God, is it even possible to make the Atheros ath.patch & updated HALactually
      ... > # mv ath_hal_20051212 ath ... in hopes that maybe the patch was FINALLY ... This FreeBSD installation is sitting here doing ... To June/July 2005 madwifi was very unstable, after merging cvs BSD tree of ...
      (freebsd-current)
    • Re: BIND update?
      ... or criticism with a positive approach. ... the fact that DNS ... the BIND installation in the base is not intended to ... security advisories to write, FreeBSD ...
      (FreeBSD-Security)
    • Re: NAT-T patch for 7-STABLE
      ... the NAT-T patch from HEAD to 7-STABLE: ... I also merged back the NAT-T changes from FreeBSD 8/HEAD. ... (basically the cvs checkout and the tarball creation; ... and the port isn't ready to be used as a automatic port as you have to do ...
      (freebsd-net)