Vixie doing his part to make people upgrade (was:Re: Reasons whyBIND isn't being upgraded)

Sat Feb 3 16:33:24 UTC 2001

If they do a free security scan they are paying for it and your box is safe if
they are not advising you on the result, I would personally say Whew, thank
god someone has my back covered.....

mdevney at teamsphere.com wrote:

> On Fri, 2 Feb 2001, Patrick Greenwell wrote:
>
> >
> > P.S. AboveNet is taking the latest BIND vunerability(ies) seriously enough
> > that they are beginning wholescale scans of their address space. Draw your
> > own conclusions related to masking version numbers.
> >
> The bulk of that announcement from Above.net is from 2 lines:
> > We will be checking every IP in our space on port 53 in order to find
> > versions of BIND open to a root exploit.
>
> I'm not sure my agreement with Above.net allows them to scan my network,
> though it is admittedly their IP space.  I'll go check the paperwork on
> Monday.  (Honestly I expect to find it does, though I must have been
> smoking something when I signed it.  Above.net is usually on stable legal
> ground.)
>
> That aside, I am concerned that the announcement makes no mention of who
> they would disclose this information to.  Presumably the registered
> contacts for the offending customer, but above.net has not said they'll
> tell anyone.
>
> Needless to say, I am not happy with this.  I can't imagine anyone would
> be happy with their provider scanning their network.
>
> (Also leaving aside the fact that this scan will be pretty much
> useless, given cases where named is run as a different user, chroot'd,
> instructed to lie about its version number, etc.)
>
> Matthew Devney

--

Thank you;
|--------------------------------|
| Thinking is a learned process. |
| ICANN member @large            |
| Gigabit over IP, ieee 802.17   |
| working group                  |
| Resilient Packet Transport     |
|--------------------------------|
Henry R. Linneweh