how to protect name servers against cache corruption

Juergen Georgi georgi at belwue.de
Tue Jul 22 21:48:15 UTC 1997 

> a BIND 4.9.6 or 8.1.1 server is immune.  so, you could upgrade.  to so do,
> see http://www.isc.org/isc/ which will lead you to ftp://ftp.isc.org/isc/.
> (the root name servers are all running modern software at this point.)

... but not all run BIND 4.9.6 or 8.1.1:

$ for i in a b c d e f g h i j k l m; do
> echo $i.root-servers.net
> host -t txt -c chaos version.bind $i.root-servers.net
> done
a.root-servers.net
VERSION.BIND            TXT     "named 4.9.5-P1 Tue Apr 22 16:46:54 EDT 1997\
        root at premier1:/usr/local/src/bind/bind-4.9.5-P1-MAK/named"
b.root-servers.net
VERSION.BIND            TXT     "8.1.1"
c.root-servers.net
VERSION.BIND            TXT     "named 4.9.5-REL Wed Feb 19 16:23:19 EST 1997\
        arthur at sol25.sa.psi.com:/opt/dist/sol25/Generic/src/bind-4.9.5p1/bind-ns
/named"
d.root-servers.net
VERSION.BIND            TXT     "4.9.6-REL+terp_mods"
e.root-servers.net
VERSION.BIND            TXT     "8.1.1"
f.root-servers.net
VERSION.BIND            TXT     "8.1.1"
g.root-servers.net
VERSION.BIND            TXT     "8.1.1"
h.root-servers.net
version.bind TXT record in class CH not found, server failure
i.root-servers.net
VERSION.BIND            TXT     "8.1.1"
j.root-servers.net
VERSION.BIND            TXT     "8.1.1"
k.root-servers.net
VERSION.BIND            TXT     "8.1.1"
l.root-servers.net
VERSION.BIND            TXT     "8.1.1"
m.root-servers.net
VERSION.BIND            TXT     "8.1.1"


Juergen Georgi                        BelWue Network Operations Center
RUS University of Stuttgart, Allmandring 30A, 70550 Stuttgart, Germany
E-Mail: georgi at belwue.de, Phone: +49 711 685 5739, Fax: +49 711 682357

More information about the NANOG mailing list