[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

using bind9 to protect resolvers

To: misc@openbsd.org
Subject: using bind9 to protect resolvers
From: Darren Reed <avalon@coombs.anu.edu.au>
Date: Thu, 27 Jun 2002 14:30:55 +1000 (Australia/ACT)

There was a post elsewhere that using BIND 9 as a forwarder will
negate this threat as BIND 9 reconnstructs all DNS queries/replies,
hence dismantling the buffer overflow.

So if you can't upgrade everything's libc, just forcing everything
to send/receive DNS stuff through a BIND 9 named will provide
protection from this attack.

Follow-Ups:
- Re: using bind9 to protect resolvers
  - From: Gregory Steuck <greg@nest.cx>

Prev by Date: Re: Way, way off topic
Next by Date: Re: Honesty
Prev by thread: Re: Way, way off topic
Next by thread: Re: using bind9 to protect resolvers
Index(es):
- Date
- Thread