[nsp-sec] battling open resolvers - 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6
SURFcert - Peter
p.g.m.peters at utwente.nl
Thu Apr 11 05:39:42 EDT 2013
Steve,
Steve Colam wrote on 2013-04-11 11:27:
> So - looks like we have a Redhat problem with default open resolvers....
> based
> on our data, if we can get this RedHat resolver fixed, then 15% of the
> hosts
> are removed... a serious result if that applies to the rest of the open
> resolvers
> at large on the intertubes.
>
> Does anyone have a contact at Redhat we can reach out to ?
9.3.6 has recursion default set to on. Paul Vixie has mentioned
(https://plus.google.com/106684394261860468438/posts/Q3C1S27BJPr) that
even newer version have this default setting. Probably because they
don't want their customers (who need open resolvers?) complaining about
breaking things.
--
Peter Peters /------\ SURFnet bv
SURFcert | SURF | cert.surfnet.nl
cert at surfnet.nl \-----\ \-----\ Postbus 19035
PGP Key ID 0x5A52C966 | CERT | NL-3501 DA Utrecht
+31 30 2305 305 \------/ fax: +31 30 2305 329
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20130411/2ef0100d/attachment-0001.sig>
More information about the nsp-security
mailing list