Solaris unaffected by latest BIND 9 vulnerabilities

Sun supported Solaris Operating Environments are not affected by the
latest BIND
vulnerabilities documented by the Internet Systems Consortium.

Solaris 8, 9 and 10 OE’s are unaffected as they provide earlier
versions of BIND which are not vulnerable to these latest vulnerabilities:

• SIG Query Processing (CVE-2006-4095):

Recursive servers:

Queries for SIG records will trigger a assertion failure if more
than one SIG (covered) RRset is returned. Exposure can be
minimised by restricting sources that can ask for recursion.

Authoritative servers:

If a nameserver is serving a RFC 2535 DNSSEC zone and is queried for the SIG records where the are multiple SIG(covered) RRsets (e.g. a zone apex) then named will trigger a assertion failure when it tries to construct the response.

• Excessive Recursive Queries INSIST failure (CVE-2006-4096):

It is possible to trigger an INSIST failure by sending enough recursive queries that the response to the query arrives after all the clients looking for the response have left the recursion queue.

Exposure can be minimised by restricting sources that can ask for recursion.

Note for BIND 9.2.x: Code handling this path for 9.2.x has been determined to be wrong, though ISC has not been able to detect an execution path that would trigger the erroneous code in 9.2.x.

Stace

Tag: topic:[BIND]

The Cycling Experiment – update

My cycling Experiment has gone extremely well. Rather then dispose of the car immediately I simply parked it in the staff car park where it sat unused for two months. After that I took the car home in preparation to sell it. Well I never got around to selling it as I didn’t think it was worth a great deal (Nissan Micra 1Litre H reg) and thought my niece would like it (seems I was wrong on that account too, but that’s another story).

Its now ten months later and I have cycled every day to the office…
Yes, I do work from home occasionally but not that often and then I
find I’m itching to go out for a cycle during the day.

Today it rained while cycling in, which is only the third time in ten
months. Its a strange phenomenon but around 18:00 the rain seems to
brake for a while, just long enough for me to get home.
Equally phenomenal is the fact that it seems to
start to rain when its time to collect the children from school!

Its time I was going home… And alas I forgot to hang up my cycle top
which is now still very damp! I’ll just cycle home in my day shirt.

One last thing, thanks to everyone who gave me encouragement to see
the experiment through.

Stace

Tag: topic:[rain] topic:[commuting] topic:[cycling]

BIND training from the ISC

The ISC are offering two instructer-lead training courses in San Francisco:

• Introduction to DNS & BIND
• Advanced DNS and BIND topics

I’m very happy to see the ISC offering these as the number of configuration issues that come through my email suggest it is dearly needed.

Tag: topic:[BIND] topic:[DNS]

Cycling wigs

BBC reports: research from Bath university suggests that my cycle helmet attracts vehicles while a wig might repel them.

Palm: A Screw missing…

I’m not referring to the fact that I still can’t purchase the new Treo 700p in the UK, although I do think that is pretty crazy. I’m referring to two screws that have dropped out of my Palm Tungsten T3. Thanks to entrepreneur Carmine Castiglia four new screws are in the post.

Looking familiar

Went to a BBQ on Sunday where I was immediately introduced to someone I just knew looked familiar, and so I just said so and without pausing for breath suggested that perhaps it was the Schools summer BBQ?…

Turns out I see him daily in my kitchen and living room as he is Darren Bett the BBC weather man 🙂