bind8, libpcap, tcpdump

Andrew Kohlsmith akohlsmith-news at
Mon Nov 18 21:41:10 PST 2002

> It's worth noting that to anyone who follows the principle of least
> privilege to the letter when designing subsystems, their nameservers
> would only be vulnerable to attack from network blocks which their
> systems "trusted" enough to provide regular, recursive nameservice for.
> For any of you running a caching nameserver at home, this means that you
> should not have been vulnerable to this bug, provided your system was
> configured properly.

Absolutely.  It should also be mentioned that the bind8 exploits are _only_ 
for Bind 8.  Bind 9 has been out for quite some time now.  (A cursory check 
on my servers shows only one out of the lot still on BIND 8, but it's 
configured as you detail here so it's not a priority to upgrade.  :-)
