I dont know alot about *.nix security but i thought this may be informative for some of you. It's an article i've read from SANS.org about the weaknesses in BIND.
BIND weaknesses: nxt, qinv and in.named allow immediate root compromise.
The Berkeley Internet Name Domain (BIND) package is the most widely used implementation of Domain Name Service (DNS) -- the critical means by which we all locate systems on the Internet by name (e.g., www.sans.org) without having to know specific IP addresses -- and this makes it a favorite target for attack. Sadly, according to a mid-1999 survey, about 50% of all DNS servers connected to the Internet are running vulnerable versions of BIND. In a typical example of a BIND attack, intruders erased the system logs, and installed tools to gain administrative access. They then compiled and installed IRC utilities and network scanning tools, which they used to scan more than a dozen class-B networks in search of additional systems running vulnerable versions of BIND. In a matter of minutes, they had used the compromised system to attack hundreds of remote systems abroad, resulting in many additional successful compromises. This illustrates the chaos that can result from a single vulnerability in the software for ubiquitous Internet services such as DNS.
Multiple UNIX and Linux systems
As of May 22, 2000, any version earlier than BIND v.8.2.2 patch level 5 is vulnerable.
November 28th, 2001, 05:15 PM
Hey Remote. Interesting.
Do you think I should change my aviator? Do you think its hard to take someone with an exploding pokemon thing seriously?
November 28th, 2001, 05:23 PM
well, it is up to you what ever avatar you decide to use. as long as you post a serious response, people will take you seriously.
by the way, how do i make a custom avatar?
FYI there are three different versions of BIND running around out there 4.x, 8.x and 9.x, each has there own issues. 8.x has probably been the most secure through it all.
I don't know if your read this but a buffer overflow exploit on BIND 4.x was a bad one, often dumped the attacker to a shell wih root. This has of course been patched, but it was gnarly.
November 28th, 2001, 05:31 PM
Like i said earlier, i dont know alot about *.nix security. but thanks for the information. The SANS institute has issued ALOT of vulnerabilities in BIND and i didnt want to take up bandwidth with all the holes, vulnerabilities, and problems with BIND. But, if you or any one else is looking for such information, go to Sans.org and search for Bind.