Re: named exploit

To: Al - image hosting services <azick%zickswebventures.com@localhost>
Subject: Re: named exploit
From: "Jeremy C. Reed" <reed%reedmedia.net@localhost>
Date: Fri, 25 Jul 2008 18:44:31 -0500 (CDT)

> > > HEAD, netbsd-4 and netbsd-4-0 have the fix already.
> 
> Can I just download the update to the source tree of bind and build it? If
> so, how would I do that?

Hi Al,

First: Be sure you join the Security-Announce and/or NetBSD-Announce 
mailing lists.

Then see the recent advisory at
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc

It has an example (which I modify slightly):

                cd src
                cvs update -r netbsd-4 -d -P dist/bind
                cvs update -r netbsd-4 -d -P usr.sbin/bind
                cd usr.sbin/bind
                make USETOOLS=no cleandir dependall
                make USETOOLS=no install

The advisory doesn't say, but also then do:

                /etc/rc.d/named restart

View the logs:

                tail -100 /var/log/messages | grep named

And check that it works for you with dig from internal and external (if 
needed).

References:
- Re: named exploit
  - From: Al - image hosting services

Prev by Date: Re: named exploit
Next by Date: Re: named exploit
Previous by Thread: Re: named exploit
Next by Thread: Re: named exploit
Indexes:

Home | Main Index | Thread Index | Old Index