Re: Verisign abusing .COM/.NET monopoly, BIND releases new

From: Damaged Industries (damaged_at_damaged.no-ip.com)
Date: 09/18/03

  • Next message: Tom Brown: "openssh 3.7.1 patched or not?" 
    Date: Wed, 17 Sep 2003 18:19:32 -0400 (EDT)
To: bugtraq@securityfocus.com

    On Wed, 17 Sep 2003, SR wrote:

    > > This is simply amazing, Verisign has just turned the .COM and .NET TLD
    > > DNS servers up-side-down for their own economical gain and, in doing so,
    > > disrupted network traffic for most of the Internet. Mail administrators
    > > who use any non-existant DNSBL to mark email as spam suddenly has all
    > > their mails deleted, people using localhost.localdomain.com on their
    > > servers for administrative purposes are scrambling to find out the cause
    > > of their problems and DNS problems arise everywhere as neg caching is
    > > essentially disabled and all DNS caches have to cache each and every
    > > randomly typed DNS query.
    > >
    > > The BIND patch that prevents this should be released Wednesday.
    >
    > djbdns already has a patch (make that two patches).
    >
    > They are available from djbdns.org
    >

    Several patches have been out:

    Bind9 patch:
    http://www.isc.org/products/BIND/delegation-only.html

    Bind8 patch:
    http://achurch.org/bind-verisign-patch.html

    Djbdns patch:
    http://tinydns.org/djbdns-1.05-ignoreip.patch

    PowerDNS patch:
    http://www.imperialviolet.org/binary/powerdns.patch

    Userfriendly :)
    http://ars.userfriendly.org/cartoons/?id=20030917&mode=classic 

    ----
-- damaged
  • Next message: Tom Brown: "openssh 3.7.1 patched or not?"

    Relevant Pages

    • 9_Recommended error codes (specifically return code 5)
      ... * "return code 2" indicates patches are already installed. ... * "return code 25" means a patches requires another patch that is not yet installed. ... With or without using the save option, the patch installation process ... Installing 114008-01... ...
      (SunManagers)
    • Re: This is [Re:] How to improve the quality of the kernel[?].
      ... The -mm kernel already implements what your proposed PTS would do. ... If patch have no TS ID, ... Thus i can apply for example lguest patches and implement and test new ... How many open source projects use Bugzilla and how many use the Debian BTS? ...
      (Linux-Kernel)
    • Re: ATTACK of the WEEK-fentanyl patches
      ... FDA warns of deaths from fentanyl patch ... Some of the deaths came after doctors prescribed the patches to the ... The drug is only for chronic pain in people used to narcotics, ...
      (alt.support.chronic-pain)
    • Tru64 and OpenVMS patch announcements change after next month
      ... distribution of various patches ... OpenVMS systems with DCE and/or RPC installed. ... Update on OpenVMS and Tru64 UNIX Patches in HP ITRC ... Tru64 patch server will soon be shutdown. ...
      (Bugtraq)
    • Re: Conflicting info between the global Security Bulletin and some SPi Security Bulletin
      ... The MS02-050 is explicitly listed as included in SP4 AND in Rollup 1 ... I think the correct answer is that it depends on the era of the patch. ... installers do not always use such ... patches later than the end of 2002 are ...
      (microsoft.public.win2000.security)