Re: Having trouble setting up BIND 9.9.2-P2 on Win XP PRO SP3, won't start

I have no idea how things work on Windows, but I doubt "directory" is optional. - Original Message - From: Joanne Homier [mailto:joanne.hom...@gmail.com] Sent: Tuesday, March 26, 2013 11:30 PM To: bind-users@lists.isc.org Subject: Having trouble setting up BIND 9.9.2-P2 on Win XP PRO S

Having trouble setting up BIND 9.9.2-P2 on Win XP PRO SP3, won't start

I installed bind using the default settings in the installer. I successfully generated a rndc.key file. I needed to populate the etc folder, so I downloaded the Ubuntu version of bind and extracted the contents of /etc and put them in Windows version of etc. I went through the files one by

Re: Looking for a pointer on getting reverse mapping with DDNS to work with DHCPD & Named.

In message , Jim Bucks writes: > > Thanks Graham, > > I appreciate the hints. However, I'm still having problems (after finding > a few more "how-to's"). Any other pointers / tips on what to look for? > > Jim Fix the view to accept traffic from 127.0.0.1. > Mar 26 14:18:24 dns04 d

Re: ISC Security Advisory: CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named

In message <20130326163235.ga31...@redhat.com>, Adam Tkac writes: > Hello, > > if I understand correctly, this isn't issue in BIND itself but it is some > memory > leak in underlying regexp library (glibc in Linux case). Can you please > clarify > which exact flaw in glibc (or other regex imple

Re: Looking for a pointer on getting reverse mapping with DDNS to work with DHCPD & Named.

Thanks Graham, I appreciate the hints. However, I'm still having problems (after finding a few more "how-to's"). Any other pointers / tips on what to look for? Jim Mar 26 14:18:24 dns04 dhcpd: DHCPRELEASE of 172.10.20.51 from 00:0b:cd:33:b6:49 (proccilapxp) via eth1 (found) Mar 26 14:18:31 dn

Re: Suspecious DNS traffic

Maybe I can try. In the very old days - when BIND as a recursive resolver was chasing down an answer to a question, it would sent the remote authoritative DNS server the query in a UDP packet which has a query ID which was numbered sequentially. This was bad as bad people could guess your next qu

Re: Suspecious DNS traffic

On Mar 26, 2013, at 3:09 PM, "Novosielski, Ryan" wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > It sounds like exactly the reverse of what Niall described in his > other e-mail (brackets mine): > > "The reply to such a query originates from port 53 on the remote > server [in this

Re: Suspecious DNS traffic

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 It sounds like exactly the reverse of what Niall described in his other e-mail (brackets mine): "The reply to such a query originates from port 53 on the remote server [in this case, your server], and is destined for the port on your server [in this c

Re: Suspecious DNS traffic

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Niall already answered you the other day (brackets mine): "The reply to such a query [from your server] originates from port 53 on the remote server, and is destined for the port on your server which was used as the source of the query[, which will be

Re: Suspecious DNS traffic

In message <1364323396.89012.yahoomail...@web190806.mail.sg3.yahoo.com>, babu d heen writes: > > Dear Brown, > > I am using Stateful firewall from leading vendor company. And you have not configured it correctly. > So let me know > why still my server initiate connection to remote DNS server

Re: Suspecious DNS traffic

Dear Vernon,   Thanks for your wonderful and detailed reply. I read the update given by you as below.   >Many stateful firewalls can also record the source and destination >IP addresses and port numbers of outgoing UDP packets and allow >subsequent incoming UDP packets with source and destination

Re: Suspecious DNS traffic

Dear Brown,   I am using Stateful firewall from leading vendor company. So let me know why still my server initiate connection to remote DNS server on non standard destination port?   Regards Babu     From: "wbr...@e1b.org" To: babu dheen Cc: "bind-users@lists

Re: Suspecious DNS traffic

Dear Matus,   I think you got my point. Yes. I am using Stateful Firewall and not sure my DNS server connecting to remote DNS  on non standard port?   So where i need to now look?   Regards Papdheen M From: Matus UHLAR - fantomas To: bind-users@lists.isc.org Se

RE: ISC Security Advisory: CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named

Thank you. -- Jack Tavares From: ISC Support Staff [support-st...@isc.org] Sent: Tuesday, March 26, 2013 11:08 To: Jack Tavares Cc: bind-us...@isc.org Subject: Re: ISC Security Advisory: CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause Me

Re: ISC Security Advisory: CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named

On 3/26/13 10:05 AM, Jack Tavares wrote: I have a request for clarification: The workaround states to rebuild BIND with regexp support disabled. And I see new versions of BIND have been released. Are those versions just a rebuild with regexp support disabled? Or are they a more comprehensive f

RE: ISC Security Advisory: CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named

I have a request for clarification: The workaround states to rebuild BIND with regexp support disabled. And I see new versions of BIND have been released. Are those versions just a rebuild with regexp support disabled? Or are they a more comprehensive fix? thanks. -- Jack Tavares

Re: ISC Security Advisory: CVE-2013-2266 (Adam Tkac)

Dear Adam, In order to minimize exploitation, we are trying to not spell out the specific nature of the flaw publicly. I will respond to you directly with a more detailed explanation. Regards, Jeff Wright ___ Please visit https://lists.isc.org/mailman/

BIND 9.9.2-P2 is now available

Introduction BIND 9.9.2-P2 is a security-fix release, superceding BIND 9.9.2-P1 as the latest production release of BIND 9.9. This document summarizes changes from BIND 9.9.1 to BIND 9.9.2-P2. Please see the CHANGES file in the source code release for a complete list of all change

BIND 9.8.4-P2 is now available

Introduction BIND 9.8.4-P2 is a security-fix release, superceding BIND 9.8.4-P1 as the latest production release of BIND 9.8. This document summarizes changes from BIND 9.8.3 to BIND 9.8.4-P2. Please see the CHANGES file in the source code release for a complete list of all change

Re: ISC Security Advisory: CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named

Hello, if I understand correctly, this isn't issue in BIND itself but it is some memory leak in underlying regexp library (glibc in Linux case). Can you please clarify which exact flaw in glibc (or other regex implementation) makes BIND vulnerable to remote DoS? Is it already reported to regex lib

Re: querying TLD nameservers - limitations

On Sun, Mar 24, 2013 at 04:55:13PM -0700, blrmaani wrote a message of 17 lines which said: > I am developing a monitoring script for internal use and this > requires extensive querying of TLD nameservers (a .. m).tld servers. [TLD operator hat on.] Hard to ansdwer without more details. Reall

ISC Security Advisory: CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named

Note: This email advisory is provided for your information. The most up to date advisory information will always be at: https://kb.isc.org/article/AA-00871 please use this URL for the most up to date advisory information. --- A critical defect in BIND 9 allows an attacker to cause exce

Re: Looking for a pointer on getting reverse mapping with DDNS to work with DHCPD & Named.

Hi Jim, > I'm getting either of the following errors: > dhcpd: unable to add reverse map from 51.20.10.172.in-addr.arpa. to > proccilapxp.dhcp.coloradostudios.com > : bad DNS key > dhcpd: unable to add reverse map from 51.20.10.172.in-addr.arpa. to > pr

Looking for a pointer on getting reverse mapping with DDNS to work with DHCPD & Named.

Problem. === I'm working on getting a DHCP / Bind / DDNS server set up. When a client receives an IP address "lease", I want the forward / reverese "zones" files updated so name lookups behave appropriately / as expected. After a couple