On Tue, 28 Jan 1997, Aleph One wrote: > > Finally, on the issue of NT DNS. There was a security advisory sent out > by Secure Computing indicating that NT DNS could be exploited by sending The advisory was released by Secure Networks Inc. *Not* Secure Computing. > results were that between DNS.EXE and SERVICES.EXE the CPU utilization > was pegged at 100%. The issue we released an advisory on was the NT DNS server choking and dying when it recieved a response for a query it never issued. The patch provided does not work. > these problems, but I should warn you that this is not a supported fix Yep, it is in fact an usupported patch. > Given that DNS is one of the things that must be left open, the fact > that it resolves the CPU 100% utilization problem from Telnet > connections makes it a good fix in my book. I leave it to you to decide > if you want to apply it or not. As yet, I have not seen a version for > Alphas. While the patch does not work for what *we* reported, it did seem to fix the 100% CPU usage problem. Cold comfort considering anyone, anywhere on the Internet can easilly *remove* your DNS server. /************************************************************************* Alfred Huger Phone: 403.262.9211 Secure Networks Inc. Fax: 403.262.9221 "Sit down before facts as a little child , be prepared to give up every preconcieved notion, follow humbly wherever and whatever abysses nature leads, or you will learn nothing" - Thomas H. Huxley **************************************************************************/
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:13:20 PDT