unsubscribe

2008-09-09 Thread Hakki Aydin Ucar
unsubscribe

ISC BIND 9.5.0-P2-W1 is now available

2008-09-09 Thread Evan Hunt
BIND 9.5.0-P2-W1 is now available. This is a WINDOWS-SPECIFIC update to the second security patch for BIND 9.5.0. It addresses long-standing scalability issues in the socket code for Windows that were exposed by the changes in BIND 9.5.0-P1 and -P2. This release contains no code cha

Re: SERVFAIL

2008-09-09 Thread Kevin Darcy
[EMAIL PROTECTED] wrote: > In response to a posting "Re: Two DNS Servers inside a firewall" > Mark Andrews wrote on September 5: > > >> Below is a example of such a bad delegation. The last SOA >> record should be owned by www.lawlink.nsw.gov.au not >> lawlink.nsw.gov.au. It res

Re: DNS Cache Snooping vulnerabilty

2008-09-09 Thread Robert Spangler
On Tuesday 09 September 2008 10:32, Saulo Medeiros de Araújo wrote: > Hello to eveyone! > I trying to solve the DNS Cache Snooping vulnerabilty, detected by Nessus, > but i'm having some dificuties. > > I found in my searchs some safer BIND configurations to prevent cache > snooping attacks.

Re: why setting view with recursion option is invalid in BIND 9.5.0-P1

2008-09-09 Thread Chris Buxton
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sep 9, 2008, at 2:18 PM, Kevin Darcy wrote: > Chris Buxton wrote: >> On Sep 8, 2008, at 8:11 PM, Kevin Darcy wrote: >>> If you are hosting zones to the Internet, then create a separate >>> view >>> for that (call it e.g. "hosting" or "external"),

Re: why setting view with recursion option is invalid in BIND 9.5.0-P1

2008-09-09 Thread Kevin Darcy
Chris Buxton wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Sep 8, 2008, at 8:11 PM, Kevin Darcy wrote: > >> zq wrote: >> >>> Hi, >>> >>> I have a problem about view {} with recursion option.I want the >>> server query >>> all the domains in the internal.But it can't. >>>

Re: BIND 9.4.2-P2-W1 stops responding

2008-09-09 Thread Vincent Poy
On Tue, Sep 9, 2008 at 12:27 PM, Jeremy C. Reed <[EMAIL PROTECTED]> wrote: > > A question on the severity. Am I reading it correctly that it > > ranks from low to high as follows: > > dynamic, debug, info, notice, warning, error, dynamic? Thanks! > > Low to high is: > > info (default) > notice >

Re: BIND 9.4.2-P2-W1 stops responding

2008-09-09 Thread Jeremy C. Reed
> A question on the severity. Am I reading it correctly that it > ranks from low to high as follows: > dynamic, debug, info, notice, warning, error, dynamic? Thanks! Low to high is: info (default) notice warning error critical

Re: BIND 9.5.0-P2 crash on solaris 8 : socket.c:2586: fatal error:

2008-09-09 Thread Milan Jurik
Hi Jeff, the second define isn't needed, only FD_SETSIZE. As for "ulimit", just check if your Bind processes has the limit set (see output of "plimit". Best regards, Milan Jeffrey Collyer píše v út 09. 09. 2008 v 10:55 -0400: > I have recompiled with > > -DFD_SETSIZE=8192 -DISC_SOCKET_FDSE

SERVFAIL

2008-09-09 Thread bsfinkel
In response to a posting "Re: Two DNS Servers inside a firewall" Mark Andrews wrote on September 5: > Below is a example of such a bad delegation. The last SOA > record should be owned by www.lawlink.nsw.gov.au not > lawlink.nsw.gov.au. It results in SERVFAIL being returned. >

Re: BIND 9.4.2-P2-W1 stops responding

2008-09-09 Thread Vincent Poy
On Tue, Sep 9, 2008 at 11:09 AM, Kirk <[EMAIL PROTECTED]> wrote: > Vincent Poy wrote: > > Thanks, I have a question. Is there somewhere on the net that has > something > > explaining the different variables and options for the logging config > since > > in Unix, everything is sent to the systemlog

Re: BIND 9.4.2-P2-W1 stops responding

2008-09-09 Thread Kirk
Vincent Poy wrote: > Thanks, I have a question. Is there somewhere on the net that has something > explaining the different variables and options for the logging config since > in Unix, everything is sent to the systemlog but with Windows, it's another > story. Also, other than the different file

Re: why setting view with recursion option is invalid in BIND 9.5.0-P1

2008-09-09 Thread Matthew Pounsett
On 08-Sep-2008, at 22:50 , zq wrote: >/* make named use port 53 for the source of all queries, to > allow > * firewalls to block all ports except 53: > */ >query-sourceport 53; >query-source-v6 port 53; This has nothing to do with the problem you're t

RE: logging

2008-09-09 Thread Binmakhashen, Latif
Disabling that option in Windows didn't help. I'm still getting spammed with the same message? Can you anybody please advice? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andrey G. Sergeev (AKA Andris) Sent: Tuesday, August 26, 2008 1:14 PM To: BIND

Re: BIND 9.5.0-P2 crash on solaris 8 : socket.c:2586: fatal error:

2008-09-09 Thread Jeffrey Collyer
I have recompiled with -DFD_SETSIZE=8192 -DISC_SOCKET_FDSETSIZE=8192 and set the shell script that starts bind with ulimit -n 8192. I'll see if I get any more crashes. Jeff JINMEI Tatuya / 神明達哉 wrote: > At Mon, 08 Sep 2008 12:56:13 -0400, > Jeffrey Collyer <[EMAIL PROTECTED]> wrote: > >> Run

Re: fix to REQUIRE failure in resolver.c

2008-09-09 Thread Chris Thompson
On Aug 5 2008, JINMEI Tatuya / 神明達哉 wrote: >For those who've seen a crash of recent beta versions on entry of >resolver.c:resquery_response() like this: > >17-Jul-2008 13:20:48.425 general: resolver.c:5494: REQUIREquery) != >((void *)0)) && (((const isc__magic_t *)(query))->magic == ((('Q') <<

DNS Cache Snooping vulnerabilty

2008-09-09 Thread Saulo Medeiros de Araújo
Hello to eveyone! I trying to solve the DNS Cache Snooping vulnerabilty, detected by Nessus, but i'm having some dificuties. I found in my searchs some safer BIND configurations to prevent cache snooping attacks. So i've inserted those following lines in my named.conf file: acl "trusted" { 10