hey I hope you all upgraded your DNS - GoFuckYourself.com

buyandsell · 08-09-2008, 10:14 AM

http://www.isc.org/index.pl?/sw/bind/bind-security.php

mrwilson · 08-09-2008, 10:19 AM

Thanks for the heads up

nico-t · 08-10-2008, 06:59 AM

i dont understand, what is this.. too technical to even bother to read it

TheDoc · 08-10-2008, 07:24 AM

Quote:

Originally Posted by nico-t

i dont understand, what is this.. too technical to even bother to read it

You can read the Wired down version of what's going on here.

fluffygrrl · 08-10-2008, 12:23 PM

O brother.

This is a rare day indeed.

fris · 08-10-2008, 01:08 PM

thanks for the update spanno

Adult Creative Labs · 08-10-2008, 03:00 PM

I've been reading about this for a month now. It is truly worrying.

qxm · 08-10-2008, 03:08 PM

It would be nice to hear about security measures being taken from major hosting companies about this !!!

Come on WEBAIR, MOJO, PHAT, ISPRIME, PR and all other I forgot to mention !!!....

jollyperv · 08-10-2008, 04:49 PM

Quote:

Originally Posted by qxm

It would be nice to hear about security measures being taken from major hosting companies about this !!!

Come on WEBAIR, MOJO, PHAT, ISPRIME, PR and all other I forgot to mention !!!....

Yep, would be nice to hear

Manowar · 08-10-2008, 05:13 PM

sounds pretty fucked

Iron Fist · 08-10-2008, 05:18 PM

The world fall apart yet? No?? Okay then.... keep moving folks...

GrouchyAdmin · 08-10-2008, 06:19 PM

Bind security holes? What's next? a problem with sendmail!?

Evil E · 08-10-2008, 08:05 PM

Quote:

Originally Posted by GrouchyAdmin

Bind security holes? What's next? a problem with sendmail!?

LOL that made me laugh, but this doesn't have to do with BIND but with the way DNS was designed as the others name daemons are also vulnerable.

Evil E · 08-10-2008, 08:06 PM

Quote:

Originally Posted by qxm

It would be nice to hear about security measures being taken from major hosting companies about this !!!

Come on WEBAIR, MOJO, PHAT, ISPRIME, PR and all other I forgot to mention !!!....

Patches have been out for about a month. If it wasn't patched then your hosting co probably knows less than you about anything.

SmokeyTheBear · 08-10-2008, 08:47 PM

Quote:

Originally Posted by sharphead

The world fall apart yet? No?? Okay then.... keep moving folks...

you would wait for the world to fall apart before fixing it ?

Iron Fist · 08-10-2008, 08:57 PM

Quote:

Originally Posted by SmokeyTheBear

you would wait for the world to fall apart before fixing it ?

ne0 · 08-10-2008, 11:14 PM

Hello,
As I see some of our clients sent us questions about this issue, guided by this particular thread.
Just want you to know that we actually have this covered for a while.
This vulnerability is not new and is the reply to many of those interesting '302 errors' webmasters experiences sometimes.
While dnssec is the reply for this problem this isn't something widely spread.
What most sysadmins are doing right now, is raise the range of ports used to reply the queries making the guessing harder.
This happens for a while and exploits for this have been running the internet for about two years or so.

spooky181 · 08-10-2008, 11:41 PM

Quote:

Originally Posted by SplitNeo

Hello,
As I see some of our clients sent us questions about this issue, guided by this particular thread.
Just want you to know that we actually have this covered for a while.
This vulnerability is not new and is the reply to many of those interesting '302 errors' webmasters experiences sometimes.
While dnssec is the reply for this problem this isn't something widely spread.
What most sysadmins are doing right now, is raise the range of ports used to reply the queries making the guessing harder.
This happens for a while and exploits for this have been running the internet for about two years or so.

Thanks, one of the many reasons I am with you guys....

rhcp011235 · 08-11-2008, 12:09 AM

ISPRIME doesnt use bind. Thus no security issues

NEXT!

ne0 · 08-11-2008, 12:22 AM

Just that it's not only bind

Any caching server that is open to recursive queries is vulnerable.
But I'm pretty sure isprime got that covered as well

DutchTeenCash · 08-11-2008, 04:20 AM

thanks good read

born4porn · 08-11-2008, 04:30 AM

thanks 4 the heads up!!

WebairGerard · 08-11-2008, 07:33 AM

We have been aware of this vulnerability as it is not new.
Webair does not use bind and this does not impact any of our clients or services.

split_joel · 08-11-2008, 03:08 PM

It doesn't just affect bind.

Los · 08-11-2008, 04:26 PM

lol this isnt a bug in bind this is a bug in the design of dns just about every maker has been effected.

fris · 08-11-2008, 04:51 PM

dns posining isnt a bind thing, every dns daemon has some vuln to it

08-09-2008, 10:14 AM	#1
buyandsell Confirmed User Industry Role: Join Date: May 2008 Location: USA Posts: 692	hey I hope you all upgraded your DNS http://www.isc.org/index.pl?/sw/bind/bind-security.php

08-10-2008, 01:08 PM	#6
fris Too lazy to set a custom title Industry Role: Join Date: Aug 2002 Posts: 55,372	thanks for the update spanno __________________ Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence. WP Stuff

08-10-2008, 03:00 PM	#7
Adult Creative Labs Confirmed User Join Date: Jul 2008 Location: Global Posts: 221	I've been reading about this for a month now. It is truly worrying. __________________ . ICQ: 498299527 Email: sales -at- adultcreativelabs.com

08-10-2008, 03:08 PM	#8
qxm Confirmed User Join Date: Jul 2006 Location: NoHo Posts: 5,970	It would be nice to hear about security measures being taken from major hosting companies about this !!! Come on WEBAIR, MOJO, PHAT, ISPRIME, PR and all other I forgot to mention !!!.... __________________ ICQ: 266990876

08-10-2008, 05:18 PM	#11
Iron Fist Too lazy to set a custom title Join Date: Dec 2006 Posts: 23,400	The world fall apart yet? No?? Okay then.... keep moving folks... __________________ i like waffles

08-09-2008, 10:19 AM	#2
mrwilson mrwilson 2.0 Industry Role: Join Date: Jul 2007 Location: ICQ: 465406783 Posts: 5,122	Thanks for the heads up

08-10-2008, 06:59 AM	#3
nico-t emperor of my world Join Date: Aug 2004 Location: nethalands Posts: 29,903	i dont understand, what is this.. too technical to even bother to read it

08-10-2008, 12:23 PM	#5
fluffygrrl So Fucking Banned Join Date: May 2006 Posts: 2,187	O brother. This is a rare day indeed.

08-10-2008, 05:13 PM	#10
Manowar jellyfish Join Date: Dec 2003 Posts: 71,528	sounds pretty fucked

08-10-2008, 06:19 PM	#12
GrouchyAdmin Now choke yourself! Industry Role: Join Date: Apr 2006 Posts: 12,085	Bind security holes? What's next? a problem with sendmail!? __________________ AIM: GrouchyGfy

08-10-2008, 11:14 PM	#17
ne0 Confirmed User Join Date: May 2006 Location: brazil Posts: 781	Hello, As I see some of our clients sent us questions about this issue, guided by this particular thread. Just want you to know that we actually have this covered for a while. This vulnerability is not new and is the reply to many of those interesting '302 errors' webmasters experiences sometimes. While dnssec is the reply for this problem this isn't something widely spread. What most sysadmins are doing right now, is raise the range of ports used to reply the queries making the guessing harder. This happens for a while and exploits for this have been running the internet for about two years or so. __________________ hai2u

08-11-2008, 12:09 AM	#19
rhcp011235 Confirmed User Industry Role: Join Date: Sep 2007 Location: North Carolina Posts: 538	ISPRIME doesnt use bind. Thus no security issues NEXT! __________________ Skype rhcp011235 \| Cell Phone 212.812.9043 \| Email [email protected] https://www.jbhale.com All my social media

08-11-2008, 12:22 AM	#20
ne0 Confirmed User Join Date: May 2006 Location: brazil Posts: 781	Just that it's not only bind Any caching server that is open to recursive queries is vulnerable. But I'm pretty sure isprime got that covered as well __________________ hai2u

08-11-2008, 04:20 AM	#21
DutchTeenCash I like Dutch Girls Join Date: Feb 2003 Location: dutchteencash.com Posts: 21,684	thanks good read __________________ ICQ 16 91 547 - SKYPE dutchteencash bob AT dutchteencash DOT com ... did you see our newest Sweet Natural Girl Priscilla (18)?

08-11-2008, 04:30 AM	#22
born4porn FUKM ALL! Join Date: Jan 2004 Location: somewhere wet n sticky - Sydney Posts: 38,781	thanks 4 the heads up!!

08-11-2008, 07:33 AM	#23
WebairGerard Confirmed User Industry Role: Join Date: Sep 2005 Posts: 8,113	We have been aware of this vulnerability as it is not new. Webair does not use bind and this does not impact any of our clients or services. __________________

08-11-2008, 03:08 PM	#24
split_joel Confirmed User Join Date: Jan 2005 Posts: 2,270	It doesn't just affect bind. __________________ E-mail marketing - Automation Scripting - IP Space AIM: splitjoelp ICQ: 254759453 skype - splitjoelp 702-941-6465

08-11-2008, 04:26 PM	#25
Los Confirmed User Join Date: Jul 2001 Location: San Francisco Posts: 427	lol this isnt a bug in bind this is a bug in the design of dns just about every maker has been effected.

08-11-2008, 04:51 PM	#26
fris Too lazy to set a custom title Industry Role: Join Date: Aug 2002 Posts: 55,372	dns posining isnt a bind thing, every dns daemon has some vuln to it __________________ Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence. WP Stuff