[CentOS] BInd Problem or Update SSL ?

Fri Feb 18 22:37:05 UTC 2011
James Hogarth <james.hogarth at gmail.com>

>
> Our network consists of aaa.bbb.ccc.0/19.  That's CIDR notation for
> 8,192 addresses.
>

But what has that got to do with "www.yahoo.com moved into our /19"
.... your comment is pretty unclear.

>
> IMHO, fully updated purpose-built servers running 4.8 should have more
> or less the same vulnerablity profile as 5.5 IFF RH is doing a good
> job of backporting security fixes.
>

Why are you so sure it was a bind issue? What logs/research has come
to that conclusion?

Would bind 9.7 really have helped you if you were hacked or was your
vulnerability elsewhere - and if so where? Was this the same server
that you posted where you had mangled the install with force
reinstalling rpms from SL and/or oracle that you posted about before
for instance?


> I am supported in that statement by my mentor at FedEx but NOT by my
> mentor at Internet2.
>

Your mentor? What do you mean by that?

>
> We installed openssl-1.0.0c Jan 23 20:30 27 minutes after filing the
> original post IIRC.

If you were so gung ho about security that you wanted bleeding edge
bind even newer than current centos 5 why are you so out of date on
your openssl libraries. Given that you are out of date on those as per
your previous posts would the currently released bind on rhel5 iff it
was already on c5 really have been installed? If you were that
desperate you could have built the srpms yourself.... or taken 9.7
from c5-testing.

You have posted the same rubbish over and over without any
substantiation with wild allegations.

Post details if you need help or just please stop ranting to no point.

James