TechTarget

ISC releases security fix for Bind DoS vulnerability

The Internet Systems Consortium has published an advisory and an update for the Bind domain name system software versions 9.7.1 to 9.7.2-P3.

The Internet Systems Consortium has published an advisory and an update for the Bind domain name system software versions 9.7.1 to 9.7.2-P3.

The update fixes a high-risk, remotely exploitable, denial-of-service vulnerability in Bind, distributed by default with most Unix and Linux platforms, said the Internet Systems Consortium (ISC).

Bind, a widely-used DNS server software, is one of the preferred targets for attackers on the internet, according to the Internet Storm Center of the SANS Institute.

"When a server that is authoritative for a domain processes a successful domain transfer operation (IXFR) or a dynamic update, there is a small window of time where this processing, combined with a high amount of queries, can cause a deadlock which makes the DNS server stop processing further requests," a SANS Institute bulletin said.

According to the bulletin, organisations with Bind installed should upgrade to Bind 9.7.3 and remember the following basic security measures:

-Only allow IXFR transfers from known secondary servers of your domain. You don't want to let people know all the list of public IP addresses associated with your domain

-Keep separated your internal DNS information from your external DNS information. Some DNS provides information about private addresses used inside the corporate network

-Allow recursive requests only from your internal DNS. If you allow recursive requests from the internet, you are exposed to a distributed denial of service

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close