search for: mark_andrew

Hello, I have been using FreeBSD-7.0STABLE with BIND-9.4.2 ( i guess, forget to check before upgrade) up to 2008-01-26 (yesterday). But after upgrade FreeBSD-7.0STABLE-->FreeBSD-7.1STABLE everything goes wrong. 1.BIND can't start anymore and giving me following message at /var/log/messages: . . . Jan 27 12:30:20 ns kernel: ad4: 152587MB <WDC WD1600AAJS-75PSA0 05.06H05> at

My BIND9.6.0 on FreeBSD 6.2 works fine when I manually start with: root@ns2# named -4 -S 1024 -c /etc/namedb/named.conf But it won't start on boot and no error messages or log. And it won't start using rndc, it cause error message. Why does the error shows port 953 when I specified for port 53 in the config? rndc: connect failed: 127.0.0.1#953: connection refused Below are

I've got three installations of FreeBSD using 6to4 in three different physical locations, attached to three different ISPs. Sometime in the last few days all of them have stopped talking to IPv6 addesse which are not also 6to4. I can still talk to 2002: addresses, but not to 2001: addresses. This all worked fine a few days ago, and nothing has changed in the config of any of these machines. I

Hello, Freebsd-stable. BIND on my new router (7.1-STABLE, BIND 9.4.3-P1) shows bunch of errors on every start and doesn't answer on requests for 30-60 seconds after that. Errors are like this: Jan 24 12:18:12 gateway named[1455]: /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1567: unexpected error: Jan 24 12:18:12 gateway named[1455]: internal_send: 193.0.14.129#53:

Hello, recently I've installed 7.0 and now I'm observing strange thing with my Internet connection. Access to some sites may be VERY slow or doesn't work at all with different kinds of timeout messages or without messages at all (but other sites works fine). For example, firefox may say "Transferring data from..." message and then "The connection to the server was reset

Installed using pkd_add or ports BIND-9.6.0-P1 working fine. 1.But seems can't run under chroot well: ---------------------------------------------------------- Jan 27 13:54:08 ns named[36447]: starting BIND 9.6.0-P1 -c named.conf -t /var/named -u bind Jan 27 13:54:08 ns named[36447]: built with '--localstatedir=/var' '--disable-linux-caps'

Hi, looking at the messages i see errors with ntp everytime i reboot my server: shiva2# tail /var/log/messages Apr 5 15:32:46 shiva2 kernel: Trying to mount root from ufs:/dev/da0s1a Apr 5 15:32:46 shiva2 ntpd[385]: ntpd 4.2.0-a Tue Mar 14 04:43:54 UTC 2006 (1) Apr 5 15:32:46 shiva2 ntpd[385]: bind() fd 6, family 28, port 123, addr fe80:1::20b:cdff:fe42:3d63, in6_is_addr_multicast=0 flags=0

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:02.bind Security Advisory The FreeBSD Project Topic: Multiple Denial of Service vulnerabilities in named(8) Category: contrib Module: bind

Hi! I fully understand and second efforts on educating people how to configure BIND to be stong to attacks and keep them from using "query-source address" with "port" option but how about binding named to particular IP address when host has many of them? Using "query-source address" without "port" is the only solution (not speaking of jails here) and safe

Hello Folks, The official email address for this list is `freebsd-security@freebsd.org'. Due to convention, there is an email alias for this list: security@freebsd.org, just as there is for hackers@ & freebsd-hackers@, arch@ & freebsd-arch@, and so on. The security@freebsd.org alias has been the source of occassional problems. Several times in the past, postings have been made to

How 'bout PAM? /usr/ports/security/pam_ldap. If you have machines that can't do PAM, perhaps NIS is the way to go (assuming, of course, you're behind a firewall). You can store login information in LDAP like you want, then use a home-grown script to extract the information to a NIS map. Or, if you have a Solaris 8 machine lying around, you can cut out the middle step and use

In http://www.freebsd.org/releases/7.0R/announce.html says Updating Existing Systems > An upgrade of any existing system to FreeBSD 7.0-RELEASE constitutes > a major version upgrade, so no matter which method you use to update > an older system you should reinstall any ports you have installed on > the machine. This will avoid binaries becoming linked to inconsistent > sets

http://www.isc.org/sw/bind/view/?release=9.3.4 SECURITY ADVISORIES * CVE-2006-4095 CERT Vulnerability Note VU#915404 NISCC 172003 * CVE-2006-4096 CERT Vulnerability Note VU#697164 NISCC 172003 * CAN-2005-0034 NISCC-UNIRAS 20050125-00059 CERT Vulnerability Note VU#938617 [ODiP] == Dmitry Grigorovich

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:01.jail Security Advisory The FreeBSD Project Topic: Jail rc.d script privilege escalation Category: core Module: etc_rc.d Announced: