> I was told that internic database had a corruption, someone fell asleep on > their keyboard or something, anyway point is there are inaccurate records > in there that need to be fixed up. I fyou depend on reverse lookups not > lying to allow acces then you can get a denial of service. > Not quite true. A number of the root name servers (outside of our control) allowed recursion and got infected with bad data which in turn aided in spreading it to other non-recursive servers. The roots have since been fixed. We put in a patch to help aid in stopping this. > > Restarting your nameserver should fix things, but if your BIND is pre 4.9 > then it might be harder to get rid of the problems. It'd be a good idea to > upgrade asap to BIND 4.9.2-940221. This should fix any refresh probs. > Bind 4.9.2-940221 is a bad idea especially for busy servers since it has a file descriptor leak. 4.9.3 is much better (now in beta). Here is info on where to get it: # Getting the bits is tricky. If you have 4.9.3-BETA7 PATCH1, you only need to # apply PATCH2 (included below). If you don't have BETA7 PATCH1 running, you # need to get them and then apply PATCH2 (see below). The files are all on # ftp.uu.net:~ftp in an unreadable directory called /private/bind: # # -rw-rw-r-- 1 vixie archive 1289153 Jul 11 03:56 bind-4.9.3-BETA7.tar.gz # -rw-rw-r-- 1 vixie archive 24196 Jul 19 18:56 b7p1 # -rw-rw-r-- 1 vixie archive 7023 Jul 19 18:56 b7p2 Mark -- Mark Kosters markk@internic.net +1 703 742 4795 Software Engineer InterNIC Registration Services