[nsp-sec] battling open resolvers - 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6

Jon Lewis jlewis at lewis.org
Mon Apr 22 21:28:36 EDT 2013


On Tue, 23 Apr 2013, Rob Lowe wrote:

> Here's the result of my inquiries relating to this issue...
>
> Red Hat Enterprise 5 systems ship an older (pre 9.4.1) version of bind
> and a default configuration file which did enable recursion, but were
> limited (via the listen-on parameter) to the localhost interface.
>
> It is conceivable that less knowledgeable administrators may, in the
> course of configuring an authoritative server, change the listening
> interface and neglect to change the recursion settings.

s/conceivable that less knowledgeable administrators may/highly likely 
that most administrators will/

There.  Fixed it for you.

This is a problem that until recently, I'd wager most people outside this 
and very few other mailing lists were not at all aware of, and even in the 
aftermath of the "largest disclosed DDoS to date" abusing this issue, I'd 
say most people configuring authoritative DNS servers still aren't aware 
of the issue.

--
----------------------------------------------------------------------
  Jon Lewis, MCP :)           |  I route
                              |  therefore you are
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
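The failure mode discussed above (the shipped default only listens on
127.0.0.1, so its recursion setting is harmless until someone widens
listen-on for an authoritative zone and forgets about recursion) can be
checked for mechanically. The script below is an added example, not code
from the thread, Red Hat or ISC. The named.conf fragments are constructed to
mirror the situation described, not the actual RHEL 5 files, and the check
is deliberately narrow: it only looks at listen-on, recursion and
allow-recursion in the top-level options block, ignores views, ACL names,
allow-query and listen-on-v6, and assumes the pre-9.4.1 defaults
(recursion yes, allow-recursion any) when a statement is absent.

```python
import re

# Constructed named.conf fragments (assumed, not Red Hat's real files).

# Shipped-style default: recursion on, but only reachable from the host itself.
RHEL5_DEFAULT = """
options {
    listen-on port 53 { 127.0.0.1; };
    recursion yes;
};
"""

# Admin widened listen-on to serve a zone and left recursion untouched.
AFTER_CARELESS_EDIT = """
options {
    listen-on port 53 { any; };
    recursion yes;
};
zone "example.net" { type master; file "example.net.zone"; };
"""

# Same server with recursion restricted to the networks that should use it.
RESTRICTED = """
options {
    listen-on port 53 { any; };
    recursion yes;
    allow-recursion { 127.0.0.1; 192.0.2.0/24; };
};
zone "example.net" { type master; file "example.net.zone"; };
"""

# Cleanest shape for a purely authoritative server: no recursion at all.
AUTH_ONLY = """
options {
    listen-on port 53 { any; };
    recursion no;
};
zone "example.net" { type master; file "example.net.zone"; };
"""


def _options_block(conf):
    """Return the body of the top-level options { ... }; block ('' if none)."""
    m = re.search(r'options\s*\{(.*?)\n\};', conf, re.S)
    return m.group(1) if m else ''


def _address_list(block, name):
    """Return the entries of `name [port N] { a; b; };`, or None if absent."""
    pat = r'\b' + re.escape(name) + r'(?:\s+port\s+\d+)?\s*\{([^}]*)\}'
    m = re.search(pat, block)
    if not m:
        return None
    return [x.strip() for x in m.group(1).split(';') if x.strip()]


def _local_only(addrs):
    return all(a in ('127.0.0.1', '::1', 'localhost') for a in addrs)


def is_open_resolver(conf):
    """True if this options block would answer recursive queries from anyone."""
    opts = _options_block(conf)
    m = re.search(r'\brecursion\s+(yes|no)\s*;', opts)
    recursion = (m.group(1) == 'yes') if m else True   # default: yes
    if not recursion:
        return False
    listen = _address_list(opts, 'listen-on')
    if listen is not None and _local_only(listen):
        return False   # recursion enabled, but not reachable off-host
    allow = _address_list(opts, 'allow-recursion')
    if allow is None:
        return True    # pre-9.4.1 default allow-recursion is { any; }
    return 'any' in allow


if __name__ == '__main__':
    for label, conf in [('RHEL5_DEFAULT', RHEL5_DEFAULT),
                        ('AFTER_CARELESS_EDIT', AFTER_CARELESS_EDIT),
                        ('RESTRICTED', RESTRICTED),
                        ('AUTH_ONLY', AUTH_ONLY)]:
        print(label, 'OPEN' if is_open_resolver(conf) else 'ok')
```

The point the check encodes is that `recursion yes` on its own is not the
bug; the bug is `recursion yes` combined with a non-local listen-on and no
allow-recursion restriction. From BIND 9.4.1 onward the default
allow-recursion is localnets and localhost, which is why the older
pre-9.4.1 package is the one that turns into an open resolver on that edit.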
