Archived copy of A Swedish wolf in Norway

Miscellaneous technobabble from a Swede in Norway.

Everybody and their dog updates their DNS server software

Published: 2008-07-09 12:07:48

Apparently, a “fundamental issue in the DNS protocol” was discovered earlier this year, and yesterday everyone and their dog released updates to DNS server software to work around this issue. There are no details yet as to what this “fundamental issue” is, although I have seen some claims that this is not a new discovery, but rather something that was discovered already as far back as in 2003.

We will see who is right when the details get released. No matter what, it seems that it is probably a good idea to update your DNS server software if you happen to be running one. Debian claims they are unable to fix BIND version 8, so if you are using that for something mission-critical, you should probably upgrade.

Tags: security dns

Comments

One more interesting paper about DNS issues can be found here: http://www.citi.umich.edu/u/provos/papers/ndss08_dns.pdf

Today's BIND/DNS library patches for Ubuntu say "SECURITY UPDATE: Randomize UDP query source ports to improve forgery resilience."

peter@softwolves.pp.se

This was originally posted on My Opera at http://my.opera.com/nafmo/blog/show.dml/2319343
Please note that links may be outdated and any information included here may be obsolete.

← Wedding day | Opera 9.51 → | Back to the post index | Back to the archive index | Peter's homepage