[1882] in linux-security and linux-alert archive
[linux-security] Re: More BIND information.
daemon@ATHENA.MIT.EDU (David Gale)
Tue Jun 16 02:48:53 1998
Date: Mon, 15 Jun 1998 09:08:51 -0400 (EDT)
From: David Gale <dgale@datapex.com>
To: linux-security@redhat.com
In-Reply-To: <Pine.LNX.3.96.980613122235.6990A-100000@dolemite.psionic.com>
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com
On Sat, 13 Jun 1998, Craig H. Rowland wrote:
> cleaner than patching the sources:
>
> >Date: Fri, 12 Jun 1998 15:28:39 -0600
> >From: LaMont Jones <lamont@CRANSTON.FC.HP.COM>
> >To: BUGTRAQ@NETSPACE.ORG
> >Subject: Re: Silly patch to report version.bind requests
> >
> >> I wrote this patch for BIND 8.1.2 that will change the version number
> >> returned and (most importantly) write to your logs that a person
> >> attempted to do so.
> >
> >Rather than hacking on the source, just do the following with the stock
> >distribution:
> >
> >in named.conf:
> >zone "bind" chaos { allow-query {localhost; }; type master; file
> >"pri/bind"; };
> >
> >and in pri/bind:
> >$ORIGIN bind.
> >@ 1D CHAOS SOA localhost. root.localhost. (
> > 1 ; serial
> > 3H ; refresh
> > 1H ; retry
> > 1W ; expiry
> > 1D ) ; minimum
> > CHAOS NS localhost.
> >
This applies to the newer 8.? bind. RedHat does not ship with this
configuration. Could someone translate the above to work with a named.boot
configuration.
+--------------------------------------------------+
| David Gale Technical Director |
| datApex Network Systems, INC. |
| 2441 Bellevue Ave, Suite A |
| Daytona Beach, FL 32114 |
| http://www.datapex.com |
| Phone 904 257-2500 EXT 609 FAX 904 947-5358 |
+--------------------------------------------------+
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null