Dns vulnerability

Discussion in 'General' started by Fortuyol, Jul 10, 2008.

  1. Fortuyol

    Fortuyol New Member

    This is my first message here.

    I use the perfect setup ubuntu 6.06 ispconfig Version: 2.2.23.

    I read today about of dns vulnerability www.doxpara.com. and just want to know which is the best way to upgrade BIND with this control panel.

    I do not know if upgrading bind, may cause some problem at the current configuration.

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Yous should aways install all updates that are available for your linux distribution. So just install the bind updates with apt, yum or yast.
  3. matzhu

    matzhu New Member

    Could someone please clarify whether the DNS Cache Poisoning issue does in fact effect the BIND setup laid out in the Perfect Server with ISPConfig (i'm on CentOS 4.6 but assume the other distributions 'Perfect Server' setups implement BIND in the same way).

    Further, if this setup is affected, will performing an update via yum, apt, etc. break any part of this setup? Are there any precautions which need to be taken.

    Even further, will updating BIND with the recommended DNSSEC patch break any part of this setup?

    Thanks to any and all who can assist with this problem.

  4. till

    till Super Moderator Staff Member ISPConfig Developer

    ISPConfig does not use BIND as cache, but some poeple might have configured biund as cache for their network. There is mothing more to say then that what I said above: Yous should always install all available security updates from your linux distribution on your server!

    CentOS is the only linux distribution were Bind updates sometimes break the setup, to prevent this, install the bind update and redo the bind config steps from the perfect setup afterwards again.

Share This Page