[34325] in North American Network Operators' Group
Re: Vixie doing his part to make people upgrade (was: Re: Reasons why BIND
daemon@ATHENA.MIT.EDU (Henry R. Linneweh)
Sat Feb 3 11:38:11 2001
Message-ID: <3A7C32D4.91D0DF36@concentric.net>
Date: Sat, 03 Feb 2001 08:33:24 -0800
From: "Henry R. Linneweh" <linneweh@concentric.net>
Reply-To: linneweh@concentric.net
To: mdevney@teamsphere.com
Cc: nanog@merit.edu
If they do a free security scan, they are paying for it, and your box is safe if
they are not advising you on the result. I would personally say: Whew, thank
God someone has my back covered...
mdevney@teamsphere.com wrote:
> On Fri, 2 Feb 2001, Patrick Greenwell wrote:
>
> >
> > P.S. AboveNet is taking the latest BIND vulnerability(ies) seriously enough
> > that they are beginning wholesale scans of their address space. Draw your
> > own conclusions related to masking version numbers.
> >
> The bulk of that announcement from Above.net is from 2 lines:
> > We will be checking every IP in our space on port 53 in order to find
> > versions of BIND open to a root exploit.
>
> I'm not sure my agreement with Above.net allows them to scan my network,
> though it is admittedly their IP space. I'll go check the paperwork on
> Monday. (Honestly I expect to find it does, though I must have been
> smoking something when I signed it. Above.net is usually on stable legal
> ground.)
>
> That aside, I am concerned that the announcement makes no mention of who
> they would disclose this information to. Presumably the registered
> contacts for the offending customer, but above.net has not said they'll
> tell anyone.
>
> Needless to say, I am not happy with this. I can't imagine anyone would
> be happy with their provider scanning their network.
>
> (Also leaving aside the fact that this scan will be pretty much
> useless, given cases where named is run as a different user, chroot'd,
> instructed to lie about its version number, etc.)
>
> Matthew Devney
--
Thank you;
|--------------------------------|
| Thinking is a learned process. |
| ICANN member @large |
| Gigabit over IP, ieee 802.17 |
| working group |
| Resilient Packet Transport |
|--------------------------------|
Henry R. Linneweh