[nsp-sec] Issues with BIND patching..
Huopio Kauto
Kauto.Huopio at ficora.fi
Wed Jul 9 10:15:30 EDT 2008
To cut the many private comments short (thanks!),
yes we've seen this:
"Use 9.5.1b1 or 9.4.3b2 (beta code).
The patches will have a noticeable impact on the performance of
BIND caching resolvers with query rates at or above 10,000 queries
per second. The beta releases include optimized code that will
reduce the impact in performance to non-significant levels."
As far as I know the site in question spesifically tried the beta code.
I will double-check.
--Kauto
-----Original Message-----
From: nsp-security-bounces at puck.nether.net [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Huopio Kauto
Sent: 9. heinäkuuta 2008 17:01
To: nsp-security at puck.nether.net
Subject: [nsp-sec] Issues with BIND patching..
----------- nsp-security Confidential --------
Florian - we have received one report that the patches to BIND 9.4.2
didn't
work in a high-volume (> 10000 qps ) enviroment. No error messages, but
dns usage tests failed from the end user viewpoint.
Any comments/observations?
--Kauto
Kauto Huopio - kauto.huopio at ficora.fi
Senior information security adviser
Finnish Communications Regulatory Authority / CERT-FI
tel. +358-9-6966772, fax +358-9-6966515, mobile +358-50-5826131
CERT-FI watch desk daytime: +358-9-6966510 / http://www.cert.fi
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
community. Confidentiality is essential for effective Internet security counter-measures.
_______________________________________________
More information about the nsp-security
mailing list