On Jul 25, 2008, at 11:11 AM, Simon Slavin wrote:
On 25 Jul 2008, at 3:36pm, Dave Pooser wrote:
Nope, that's why I entrust DNS to folks smarter than me.
Hopefully they're smart enough not to use OS X server to host DNS.
This is sort-of the point I failed to make earlier: this vulnerability can be patched only if you're providing your own DNS service. The original poster said they were running /one/ server. So obviously ( :-) ) they're not providing DNS service. Therefore they don't need to do anything about it.
You need to have two (or more) servers if you're serving authoritative zone records; he could very well be running a recursive caching server with just one box, where this attack would still be valid.