|
|||
Help secure old BIND on FreeBSD 5.4
Hey everyone,
With Kaminsky's annoucement of the bind vulnerability, I am struggling to patch all of my companies boxes. I found 2 freebsd 5.4 boxes with bind 8 that I have no idea how to update. Can someone please help by walking me through the steps of getting a secure version of bind up on freeBSD 5.4? Thanks! |
|
||||
You can install bind from ports:
dns/bind94 Or, even better, consider upgrading to FreeBSD 6 or 7, FreeBSD 5 is no longer supported.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things. |
|
|||
We checked the ISC BIND site and upgraded to the newest release which resolved this issue for us.
I compiled this manually, but installing from ports should be fine. I think that you should probably get a test box with FreeBSD 7.0-STABLE installed and install the most up-to-date version of BIND on there. Migrate a couple zonefiles over there and verify it's functioning properly. Recently I went through a round of upgrades to bring all our FreeBSD servers up to a minimum of 6.3 and I am sympathetic to anyone facing something similar. I used that opportunity to define an upgrade plan for those systems which historically had been left to their own devices. I was upgrading from 9.3, so I didn't see any unusual errors and there wasn't any service disruption. However, upgrading from 8 you might need to change the location of named in your rc.conf. I think that those earlier versions installed named in /usr/sbin and not /usr/local/sbin. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
how to secure my ftp? | milo974 | OpenBSD Security | 3 | 4th August 2009 03:47 PM |
Bind-9.5 | Petrocelli08 | FreeBSD Ports and Packages | 6 | 29th January 2009 12:03 AM |
Is this secure? | Ungenious | OpenBSD Security | 4 | 30th November 2008 02:27 AM |
squid bind problem | samile | Other BSD and UNIX/UNIX-like | 0 | 11th July 2008 02:13 PM |
BIND as secondary for Windows DNS? | cwhitmore | FreeBSD Installation and Upgrading | 7 | 16th May 2008 01:13 PM |