[dns-operations] CVE 2015-8000 actively exploited yesterday
mghali at snark.net
Thu Dec 17 01:42:42 UTC 2015
Every Ops team has their favorite way to monitor processes/services. This is a separate facility than the name server daemon, and should be distributed separately. Trying to jam them together will never make more than 3% of the audience happy, yet annoy another 66%.
> On Dec 16, 2015, at 3:50 PM, Nick Urbanik <nick.urbanik at optusnet.com.au> wrote:
> BIND really needs to have a better strategy to dealing with unexpected
> input other than by dying. Perhaps the assumption is that everyone is
> using some kind of script that checks it's running, and if not,
> restarts it. If that is the case, that should be explicitly stated,
> and made policy for packagers, such as Red Hat.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4103 bytes
Desc: not available
More information about the dns-operations