Re: root name server corruption, denial of service prob

Mark Kosters (markk@internic.net)
Thu, 21 Jul 1994 12:09:25 -0400 (EDT)

> I was told that internic database had a corruption, someone fell asleep on
> their keyboard or something, anyway point is there are inaccurate records
> in there that need to be fixed up. If you depend on reverse lookups not
> lying to allow access then you can get a denial of service.
>

Not quite true. A number of the root name servers (outside of our
control) allowed recursion and got infected with bad data which
in turn aided in spreading it to other non-recursive servers. The roots
have since been fixed. We put in a patch to help aid in stopping this.

>
> Restarting your nameserver should fix things, but if your BIND is pre 4.9
> then it might be harder to get rid of the problems. It'd be a good idea to
> upgrade asap to BIND 4.9.2-940221. This should fix any refresh probs.
>

Bind 4.9.2-940221 is a bad idea especially for busy servers since
it has a file descriptor leak. 4.9.3 is much better (now in beta).
Here is info on where to get it:

# Getting the bits is tricky.  If you have 4.9.3-BETA7 PATCH1, you only need to
# apply PATCH2 (included below).  If you don't have BETA7 PATCH1 running, you
# need to get them and then apply PATCH2 (see below).  The files are all on
# ftp.uu.net:~ftp in an unreadable directory called /private/bind:
# 
# -rw-rw-r--  1 vixie    archive   1289153 Jul 11 03:56 bind-4.9.3-BETA7.tar.gz
# -rw-rw-r--  1 vixie    archive     24196 Jul 19 18:56 b7p1
# -rw-rw-r--  1 vixie    archive      7023 Jul 19 18:56 b7p2

Mark

-- 

Mark Kosters              markk@internic.net        +1 703 742 4795
Software Engineer   InterNIC Registration Services
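
Added example, not part of the original message or of BIND: the reply above attributes the spread of bad data to root servers that allowed recursion, and an operator can audit a server for this by sending a query with RD clear and reading the RA (recursion available) bit in the reply header. The function names, the query id and the sample packets are constructed for illustration; `probe` is only meant for servers you operate and is not called here.

```python
import socket
import struct

QID = 0x1234  # constructed query id used by the samples below

def build_query(name, qtype=2, qid=QID, rd=False):
    """Build an RFC 1035 query (qtype 2 = NS). RD is left clear on purpose."""
    header = struct.pack("!HHHHHH", qid, 0x0100 if rd else 0, 1, 0, 0, 0)
    labels = [l for l in name.rstrip(".").split(".") if l]
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class IN

def parse_flags(packet):
    """Decode the header fields that matter for a recursion audit."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    qid, flags = struct.unpack("!HH", packet[:4])
    return {"id": qid, "qr": bool(flags & 0x8000), "aa": bool(flags & 0x0400),
            "ra": bool(flags & 0x0080), "rcode": flags & 0x000F}

def classify(packet, expected_id=QID):
    """Return 'recursion-offered', 'non-recursive' or 'invalid'."""
    try:
        h = parse_flags(packet)
    except ValueError:
        return "invalid"
    if not h["qr"] or h["id"] != expected_id:
        return "invalid"  # not a response to our query
    return "recursion-offered" if h["ra"] else "non-recursive"

def probe(server_ip, name=".", timeout=3.0):
    """Live check against a server you operate (not run by this example)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server_ip, 53))
        reply, _ = s.recvfrom(512)
    return classify(reply)

def _sample(flags):
    """Constructed response to an NS query for the root, header flags as given."""
    return struct.pack("!HHHHHH", QID, flags, 1, 0, 0, 0) + b"\x00\x00\x02\x00\x01"

SAMPLES = {"constructed-open": _sample(0x8480),    # QR|AA|RA
           "constructed-closed": _sample(0x8400),  # QR|AA, RA clear
           "constructed-query": _sample(0x0000)}   # QR clear: not a response

if __name__ == "__main__":
    for label, pkt in SAMPLES.items():
        print(label, classify(pkt))
```

The RA bit only shows that the server advertises recursion; a server may still refuse recursive service to a given client by policy.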