zdnet article on Linux security
Mike Sheldon
msheldon@desertraven.com
Mon, 14 Feb 2000 23:50:39 -0700
Recap on BIND vulnerabilities...
Distro doesn't matter, if it's not 8.2.2 patchlevel 3 or higher, it's
vulnerable.
Redhat has updates for 6.0 and 6.1 on their ftp site.
ftp://ftp.redhat.com/pub/redhat/updates/6.1/i386/
Or, get the source at:
ftp://ftp.isc.org/isc/bind/src/8.2.2-P5
I've heard a bit of speculation here and there that BIND exploits may have
been a common means of cracking systems as a means of creating TFN and
trin00 zombies used in the latest DoS attacks.
Michael J. Sheldon
Internet Applications Developer
Phone: 480.699.1084
http://www.desertraven.com/
PGP Key Available on Request