Hosting Provided By

Re: DNS Injection Problem

From: Chip Mefford <cmefford(at)avwashington.com>
Date: Tue May 06 2003 - 05:53:38 EDT

Blade Runner wrote:

> Hi list, I am facing a serious problem here. My client works as an ISP and

This isn't very fun.

>
> DNS Server: bind 9.2.2 # I am focusing my attention here, looking for
> bugs.

bind 9.2.2 is really pretty tight.

Have you paid careful attention to the
"allow-update" and "allow-transfer" parameters.

Also, Some folks integrate Windows Active Directory with bind 9. I don't know anything about that, but it sounds really scary.

Do you need help?

>
> Here it goes a scanner showing my open ports.

You are running telnet. Lose it unless
there is a REAL good reason for running it.

>
> 25/tcp open smtp

Yes you do.

> Thanks a lot and sorry about my poor English

Your english is just fine. Don't worry about it.

Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-incidents

Received on Tue May 6 13:33:32 2003

This message: [ Message body ]
Next message: Blade Runner: "Re: DNS Injection Problem"
Previous message: Glenn Forbes Fleming Larratt: "Re: DNS Injection Problem"
In reply to: Blade Runner: "DNS Injection Problem"
In reply to Benjamin A. Okopnik: "Re: DNS Injection Problem"
Next in thread: Þórhallur Hálfdánarson: "Re: DNS Injection Problem"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:05 EDT