[CentOS] Updated bind marked as vulnerable

Wed Jul 30 18:38:59 UTC 2008
Toby Bluhm <tkb at midwestinstruments.com>

mbneto wrote:
> Hi,
> 
> I have a Centos 4.6 machine that even tough has been updated with the 
> latest bind 9.2.4-28.0.1.el4 is marked as vulnerable by 
> https://www.dns-oarc.net/oarc/services/dnsentropy.
> 
> I have another machine which also uses that same distro and is not.
> 
> Do I have to do any other update?
> 
> 
> 

Are those boxes directly handling your DNS requests to the internet for 
you  - i.e. their IPs show up in the test results as the DNS Resolvers? 
If yes, probably your named.conf would need to be looked at in the 
problem box.


More likely, it's your nameserver in your resolv.conf or the nameserver 
of your nameserver that the test site is talking to. You have to bug 
whoever runs those boxes about the problem.


-- 
Toby Bluhm
Alltech Medical Systems America, Inc.