Everybody and their dog updates their DNS server software
Published: 2008-07-09 12:07:48
Apparently, a “fundamental issue in the DNS protocol” was discovered earlier this year, and yesterday everyone and their dog released updates to DNS server software to work around this issue. There are no details yet as to what this “fundamental issue” is, although I have seen some claims that this is not a new discovery, but rather something that was discovered already as far back as in 2003.
We will see who is right when the details get released. No matter what, it seems that it is probably a good idea to update your DNS server software if you happen to be running one. Debian claims they are unable to fix BIND version 8, so if you are using that for something mission-critical, you should probably upgrade.
Comments
- Date: 2008-07-10 08:07:12
- Name: dantesoft
Today's BIND/DNS library patches for Ubuntu say "SECURITY UPDATE: Randomize UDP query source ports to improve forgery resilience."
This was originally posted on My Opera at
http://my.opera.com/nafmo/blog/show.dml/2319343
Please note that links may be outdated and any information included here
may be obsolete.
← Wedding day | Opera 9.51 → | Back to the post index | Back to the archive index | Peter's homepage
One more interesting paper about DNS issues can be found here: http://www.citi.umich.edu/u/provos/papers/ndss08_dns.pdf