GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   hey I hope you all upgraded your DNS (https://gfy.com/showthread.php?t=846869)

buyandsell 08-09-2008 10:14 AM
hey I hope you all upgraded your DNS
 
http://www.isc.org/index.pl?/sw/bind/bind-security.php

mrwilson 08-09-2008 10:19 AM
Thanks for the heads up :thumbsup

nico-t 08-10-2008 06:59 AM
i dont understand, what is this.. too technical to even bother to read it

TheDoc 08-10-2008 07:24 AM
Quote:
Originally Posted by nico-t (Post 14587224)
i dont understand, what is this.. too technical to even bother to read it
You can read the Wired down version of what's going on here.

fluffygrrl 08-10-2008 12:23 PM
O brother.

This is a rare day indeed.

fris 08-10-2008 01:08 PM
thanks for the update spanno

Adult Creative Labs 08-10-2008 03:00 PM
I've been reading about this for a month now. It is truly worrying.

qxm 08-10-2008 03:08 PM
It would be nice to hear about security measures being taken from major hosting companies about this !!!

Come on WEBAIR, MOJO, PHAT, ISPRIME, PR and all other I forgot to mention !!!....

jollyperv 08-10-2008 04:49 PM
Quote:
Originally Posted by qxm (Post 14588417)
It would be nice to hear about security measures being taken from major hosting companies about this !!!

Come on WEBAIR, MOJO, PHAT, ISPRIME, PR and all other I forgot to mention !!!....
Yep, would be nice to hear

Manowar 08-10-2008 05:13 PM
sounds pretty fucked

Iron Fist 08-10-2008 05:18 PM
The world fall apart yet? No?? Okay then.... keep moving folks...

GrouchyAdmin 08-10-2008 06:19 PM
Bind security holes? What's next? a problem with sendmail!?

Evil E 08-10-2008 08:05 PM
Quote:
Originally Posted by GrouchyAdmin (Post 14588914)
Bind security holes? What's next? a problem with sendmail!?
LOL that made me laugh, but this doesn't have to do with BIND but with the way DNS was designed as the others name daemons are also vulnerable.

Evil E 08-10-2008 08:06 PM
Quote:
Originally Posted by qxm (Post 14588417)
It would be nice to hear about security measures being taken from major hosting companies about this !!!

Come on WEBAIR, MOJO, PHAT, ISPRIME, PR and all other I forgot to mention !!!....
Patches have been out for about a month. If it wasn't patched then your hosting co probably knows less than you about anything.

SmokeyTheBear 08-10-2008 08:47 PM
Quote:
Originally Posted by sharphead (Post 14588739)
The world fall apart yet? No?? Okay then.... keep moving folks...
you would wait for the world to fall apart before fixing it ?

Iron Fist 08-10-2008 08:57 PM
Quote:
Originally Posted by SmokeyTheBear (Post 14589283)
you would wait for the world to fall apart before fixing it ?
:helpme:helpme:helpme

ne0 08-10-2008 11:14 PM
Hello,
As I see some of our clients sent us questions about this issue, guided by this particular thread.
Just want you to know that we actually have this covered for a while.
This vulnerability is not new and is the reply to many of those interesting '302 errors' webmasters experiences sometimes.
While dnssec is the reply for this problem this isn't something widely spread.
What most sysadmins are doing right now, is raise the range of ports used to reply the queries making the guessing harder.
This happens for a while and exploits for this have been running the internet for about two years or so.

spooky181 08-10-2008 11:41 PM
Quote:
Originally Posted by SplitNeo (Post 14589597)
Hello,
As I see some of our clients sent us questions about this issue, guided by this particular thread.
Just want you to know that we actually have this covered for a while.
This vulnerability is not new and is the reply to many of those interesting '302 errors' webmasters experiences sometimes.
While dnssec is the reply for this problem this isn't something widely spread.
What most sysadmins are doing right now, is raise the range of ports used to reply the queries making the guessing harder.
This happens for a while and exploits for this have been running the internet for about two years or so.
Thanks, one of the many reasons I am with you guys....:thumbsup

rhcp011235 08-11-2008 12:09 AM
ISPRIME doesnt use bind. Thus no security issues :)

NEXT!

ne0 08-11-2008 12:22 AM
Just that it's not only bind :)
Any caching server that is open to recursive queries is vulnerable.
But I'm pretty sure isprime got that covered as well:)

DutchTeenCash 08-11-2008 04:20 AM
thanks good read

born4porn 08-11-2008 04:30 AM
thanks 4 the heads up!! :thumbsup

WebairGerard 08-11-2008 07:33 AM
We have been aware of this vulnerability as it is not new.
Webair does not use bind and this does not impact any of our clients or services. :thumbsup

split_joel 08-11-2008 03:08 PM
It doesn't just affect bind. :warning

Los 08-11-2008 04:26 PM
lol this isnt a bug in bind this is a bug in the design of dns just about every maker has been effected.

fris 08-11-2008 04:51 PM
dns posining isnt a bind thing, every dns daemon has some vuln to it


All times are GMT -7. The time now is 06:36 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123