Bind 9 Vulnerabilities
Jul 29, 2009[url]
Upgrade if this affects you.
[url]
Upgrade if this affects you.
Acunetix says my site has 28 XSS vulnerabilities?
For example it says calendar.pl is vulnerable and it was able to set a javascript alert as the variable calendar_view.
How can I fix this?
Vulnerability description
This script is possibly vulnerable to Cross Site Scripting (XSS) attacks.
Cross site scripting (also referred to as XSS) is a vulnerability that allows an attacker to send malicious code (usually in the form of Javascript) to another user. A browser execute the script in the user context allowing the attacker to access any cookies or session tokens retained by the browser.
This vulnerability affects /cgi-bin/calendar.pl.
The impact of this vulnerability
Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application
Attack details
The POST variable calendar_view has been set to >"><ScRiPt%20%0a%0d>alert(398096611151)%3B</ScRiPt>.
Cacti version 0.8.6i has vulnerability: [url]
Solution: [url]
Just got this email
Quote:
Dear Customers,
Multiple security vulnerabilities were discovered in hyperVM and Lxadmin/Kloxo. It is recommended that you update your hyperVM/Kloxo systems to the latest version, as soon as possible.
Details of the vulnerabilities will be posted in the coming days in our forum.
On hyperVM or Kloxo master, Run:
/script/upcp
Lxlabs Support Team
How I can secure my server from vulnerabilities and threats and ddos attack? How can I find my server is compromised or hacked?
Which ports I should check, what commands I should fired on shell prompt? which softwares you will recommend.
I upgrade bind with this :
# wget [url]
# tar xvfz bind-9.4.1-P1.tar.gz
# cd bind-9.4.1-P1
# ./configure
# make
# make install
but doesnt work I have always bind version is
PHP Code:
[root@server bind-9.4.1-P1]# named -vBIND 9.2.4
how can I make upgrade with the correct way?
i work in a new ISP company, and ive been assigned to the DNS server, and before this i have never even heard of BIND, but now im in need of learning it ....and im only fairly familiar to Linux..so here are me questions:
1. where can i find a beginners guide to DNS and BIND?
2. what distribution is best suited for the server?
3. are there any default templates for the BIND config files that one could start with and modify?
4. how many files are there? i mean every time a read a bit about BIND pops up a new file name.. so how many files are enough?
5. would any1 care to help me out step by step throught my ordeal?
6. are there any training courses that i could take? are there any onlline ones? or videos that i could grab off the net?
7. how many times does a swallow have to flap its wings to maintain airspeed velocity in order to carry a coconut?
which one is better for me?
VPS 512 ram and cpanel/whm centos
BIND or NSD?
and what's different between them?
This has been troubling me for a long time.. I know you can do this in FreeBSD with ipfw but I'm wanting to do this in linux.
Basicly bind an IP address say eth0:1 to a UID or GID so that this user may only listen on that particular IP, etc.
I have managed to install BIND 9.4 on my home web server so that i can have my own domain (one that i can manage). I have made a domain with it called h2o-cms.org, the domain will work when i connect to it from my home lan but if i use a cgi proxy to connect it can't be found.
I'm using Windows XP
This is my named.conf
Code:
// Config file for caching only name server
acl "friends" {
localnets;
127.0.0.1;
};
options {
directory "C:
amedetc";
version "SERVFAIL";
allow-transfer { none; };
allow-recursion { "friends";};
// Uncommenting this might help if you have to go through a
// firewall and things are not working out. But you probably
// need to talk to your firewall admin.
query-source port 53;
};
zone "." {
type hint;
file "named.root";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "locals.hosts";
};
zone "h2o-cms.org" {
type master;
file "h2o-cms.org";
};
this is my h2o-cms.org file
Code:
$TTL 600
; h2o-cms.org
@ IN SOA laxlxns01.h2o-cms.org. hostmaster.h2o-cms. (
2005062601 ; serial
12h ; refresh
1h ; retry
2w ; expire
1h ; minimum
)
IN NS laxlxns01.h2o-cms.org.
IN NS laxlxns02.h2o-cms.org.
IN MX 10 mail.h2o-cms.org.
@ IN A 80.46.117.13
; host records
localhost IN A 127.0.0.1
www IN A 80.46.117.13
I have forwarded the port 535 to the server too
Not sure if this is the right place - sorry if it isn't. Recently, I got really pi**ed off with cPanel - and have decided to try and load my server without it.
I'm using Webmin/Usermin/Virtualmin with Apache, PHP, MySQL, proftpd, and BIND.
But I'm not entirely sure on how to create nameservers on BIND - I've looked all over the internet, but have found nothing helpful.
if it is possible to bind 2 NS to the same IP
For example, I previously had n1.abc.com , ns2.abc.com bind to certain IP. Now I registered another domain name, say abcdummy.com at another reseller and was given the option to choose my private dns. But instead of ns1.abcdummy.com and ns2.abcdummy.com, I thought this name doesn't sound that nice to be an NS. So I asked for ns3.abc.com and ns4.abc.com
Which has been registered and propogated successfully. But I want to move these domains on abc.com to abcdummy.com server, as i will not be using my reseller package at abc.com any more
So now, but its a lot work to do if I was to change these domain name NS one by one. So could I instead bind ns1.abc.com and ns2.abc.com to the same IP as ns3.abc.com and ns4.abc.com
I am trying to use BIND on Windows XP Professional to host a website off my computer using a domain. I have downloaded BIND but now I have no clue what to do. For the name servers of the domain I have put in my IP address.
What do I need to do to get a domain to point towards my computer?
I get the following message via SSH when i try named restart
named: symbol lookup error: named: undefined symbol: dns_resolver_setudpsize
All my sites are currently down but the server is up and bind wont restart either in WHM or SSH
i am using WHM 10.6.0 cPanel 10.8.0-R8
CentOS 4.3 i686 - WHM X v3.1.0
Linux ***.server.com 2.6.9-11.EL #1 Wed Jun 8 16:59:52 CDT 2005 i686 i686 i386 GNU/Linux
I spoke to live support at nexpoint but they told me to email their dedicated server support but I havent had a reply in the last few hours.
I am having some trouble with my DNS recently. Here are the errors I am receiving:
06-Apr-2009 19:09:13.921 could not open entropy source /dev/random: file not found
06-Apr-2009 19:09:13.921 ignoring config file logging statement due to -g option
06-Apr-2009 19:09:13.921 couldn't open pid file '/var/run/named/named.pid': Permission denied
has anyone successfully updated from bind9.2.x to BIND 9.5.0-P1? Were there any problems regarding settings, zone files, etc etc? Can you explain the process in detail for the update? One of my customers wishing to have this done, is running CentOS, I assume yum would be the best course of actions?
View 14 Replies View RelatedI ran "yum update" on one of my servers, and it must've updated BIND, because now named doesn't start.
I basically hit all the problems in this thread:
[url]
This is CentOS4 with Plesk.
Even though I don't have that package installed, and tried every suggestion there, it still doesn't start... I mucked with the configs and moved so many files I don't know how to get back to where I started.
Quote:
Jul 24 05:08:06 www named: /etc/named.conf:67: open: /etc/rndc.key: file not found
What's my best bet for fixing this mess? I sent in an e-mail to two "server administration" companies I found in signatures here, hopefully one of them will be available today.
I changed the nameservers on critical domains to a free DNS service to get them back online, but they're acting oddly (like DB timeouts), perhaps because of the lack of a local nameserver to talk to.
But in the meantime is there anything I can do to try to fix this quick?
bind in my server isn't working and when I restart it on cPanel this is what I get:
Restarting Bind
ERROR: ld.so: object '/tmp/libno_ex.so.1.0' from /etc/ld.so.preload cannot be preloaded: ignored.
Attempting to restart named Waiting for named to restart.... . . . . . . . . . . finished.
ERROR: ld.so: object '/tmp/libno_ex.so.1.0' from /etc/ld.so.preload cannot be preloaded: ignored. ERROR: ld.so: object '/tmp/libno_ex.so.1.0' from /etc/ld.so.preload cannot be preloaded: ignored. named status
ERROR: ld.so: object '/tmp/libno_ex.so.1.0' from /etc/ld.so.preload cannot be preloaded: ignored. ERROR: ld.so: object '/tmp/libno_ex.so.1.0' from /etc/ld.so.preload cannot be preloaded: ignored. named has failed, please contact the sysadmin (result was "named is not running"). Apr 26 17:54:09 orion named: ERROR: ld.so: object '/tmp/libno_ex.so.1.0' from /etc/ld.so.preload cannot be preloaded: ignored. Apr 26 17:54:09 orion named: zone localdomain/IN: loaded serial 42 Apr 26 17:54:09 orion named: zone localhost/IN: loaded serial 42 Apr 26 17:54:09 orion named: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700 Apr 26 17:54:09 orion named: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700 Apr 26 17:54:09 orion named: zone 255.in-addr.arpa/IN: loaded serial 42 Apr 26 17:54:09 orion named: zone 0.in-addr.arpa/IN: loaded serial 42 Apr 26 17:54:09 orion named: zone ns1.(domain.com)/IN: loaded serial 2008012001 Apr 26 17:54:09 orion named: zone orion.(domain.com)/IN: loaded serial 2008012001 Apr 26 17:54:09 orion named: zone (domain.com)/IN: loaded serial 2008042601 Apr 26 17:54:09 orion named: zone (domain.net)/IN: loaded (...)
And so on... for a lot of domains configured on this server. I don't think it loads all of them.
Then, right after seeing this problem I tried to connect to SSH while googling the problem and I got this:
Quote:
m-c-b:~ mcb$ ssh -l root (domain.com)
root@(domain.com)'s password:
Last login: Thu Apr 24 19:20:13 2008 from 87-196-13-151.ne
ERROR: ld.so: object '/tmp/libno_ex.so.1.0' from /etc/ld.so.preload cannot be preloaded: ignored.
ERROR: ld.so: object '/tmp/libno_ex.so.1.0' from /etc/ld.so.preload cannot be preloaded: ignored. ....
Im trying to Downgrade bind to 9.2.4 and im using Centos 5.1
Cant do it for some reason. Just getting error messages all the time.
I followed this tutorial but then found out its centos 4.1 so that was no help.
[url]
since this morning, I am unable to start named/bind.
_could_ it be a hardware problem or it has to be software-related?
I installed Direct Admin on my 192mb RAM vps and right now my VPS is at 270mb (I'm going into burst). I found that if I stopped named, it goes down to less than 70. Why is Bind taking up so much RAM?
View 11 Replies View RelatedI have tried to update bind but i have got tons of errors, so I tried to delete it and reinstall it to get the lateste version:
1) yum remove bind (success)
2) yum update (success)
3) yum install bind (fails)
Code:
[root@server /]# yum install bind
Loading "fastestmirror" plugin
Loading mirror speeds from cached hostfile
* base: ftp.free.fr
* updates: centos.crazyfrogs.org
* addons: ftp.free.fr
* extras: ftp.free.fr
Excluding Packages in global exclude list
Finished
Setting up Install Process
Parsing package install arguments
No package bind available.
Nothing to do
bind not avaible ?
another question does yum remove bind removes the zones?
I use CentOs 5
directadmin as CP
I have a weird problem since the movement of our ip range with one of our servers. Bind doesn`t seem to react on any changes we make.
For example, the server still resolves to the old ip adress while we changed all of those with ipswap.sh (directadmin)
The weird thing is that all zone files are 100% Correct. Ip`s are all changed and no sign of the old ip whatsoever.
Again, the nameserver still resolves to the old ip`s.
Also when i create a new domain, named.conf is changed and the zone file is created sucessfully. Still the nameserver doesn`t seem to add the domain name.
Restarting, reloading and even reinstalling named doesn`t help
/scripts/fixrndc
[DNSLib]: Attempting to locate /etc/named.conf
[DNSLib]: no bind configuration present
[DNSLib]: Unable to locate Bind configuration file.
yum install bind
Loading "installonlyn" plugin
Setting up Install Process
Setting up repositories
core [1/3]
updates [2/3]
extras [3/3]
Reading repository metadata in from local files
Excluding Packages in global exclude list
Finished
Parsing package install arguments
Nothing to do
Its a cpanel vps, so I don't know why that happened. What to do?
I added a CNAME record on a domain using CPanel "Edit DNS Zone". It looked like this:
mail 14400 IN CNAME pop.anotherdomain.com
But when i do
host mail.mydomain.com i get
mail.mydomain.com CNAME pop.anotherdomain.com.mydomain.com
How do i make bind CNAME to pop.anotherdomain.com instead of pop.anotherdomain.com.mydomain.com.
Haven't delved into cPanel for a while, but had to get a VPS set up for someone but having problems with BIND.
I try to set the nameservers in WHM but when I try to add the 'A' record, I get the following:
"Bind reloading on uk using rndc zone: [domainname.com] Error reloading bind on uk: rndc: connect failed: 127.0.0.1#953: connection refused"
For some reason BIND keeps failing on my cPanel server every couple of days. There are no error logs in the /var/logs/messages file concerning the crash but when I manually restart bind then it logs messages just fine and I can see them. Does BIND keep any other error logs?
Today it seemed to coincide with a big movement in system memory, here my munin graph:
[url]
I have ran the “fixeverything” script which attempts to correct any errors in the bind config file but it still crashes. I couldn’t see anything wrong with it ayway.
Ive been learning alot about BIND and DNS, id like someone to check over what ive learn't to make sure my knowledge is correct.
A Zone:
A zone is basically 'similar' to a sub-domain but the domain google.com would not be a sub-domain, so a zone is not a sub-domain. In the domain google.com 'google' would be a deligated zone from the TLD 'com'. In another example: ny.google.com , 'ny' would be a zone for google's 'new york' department, if they had one.
Hosts:
The host name is usually the most left word in a domain or you can look at it as the leaves on an inverted tree in the DNS System. Examples:
www.google.com = 'www' would be the host
mail.sitepoint.com = 'mail' would be the host
ny.google.com = 'ny' would NOT be a host because its a 'zone' and does not offer a 'service' like ftp, mail, www ect. would. Unless 'ny' was intended to be a service then it would be a host, but it would have to become a leaf in the inverted tree, so you wouldn't ba able to create any zones from it like 'mail.ny.google.com' ... if that makes sense.
Nameservers:
If i used BIND on my server to manage my Zones and DNS information (which is pretty much standard), that would be my Nameserver. Its job would be to convert human recognizable names into computer recognizable names/numbers/ip.
My nameserver would only have authority over zones that are not deligated. So an example, 'com' deligate 'mydomainname' to me (mydomainname.com) they have no authority over that zone. So if i set up a nameserver on mydomain.com they have no authority over mydomainname or any zone under that.
Domain Namespace
The Domain Namespace was setup to replace the method used by ARPA (later DARPA) in the 60's in an effort to create a database of hosts that were easy to administer and reduced the time and server load on the old skool HOSTS.TXT method.
A domain namespace is a way to identify the different domains. Im not to good at explaining what i mean but basically ill illustrate this example:
google.com and google.net both have the same names, so the namespace in this example would the the TLD's 'net' and 'com' to seperate them.
Go a bit deeper for example:
cd.music.com and cd.disk.com , both have the same TLD and sub-domain's so the namespace here is the first-level domain 'music' and 'disk'.
Sub-Domains
Sub-Domains are similar to zones, in a way. A domain name: 'google.com' might have the sub-domain 'video.google.com' which links to the video section of google. 'video' is not a deligated zone from 'google' neither is it a host as such, so its a sub-domain.
Im probably slightly confused on some parts, and im open for comments. I dont fully understand alot of it, but what ive learnt so far took a good day to get my head around. If anythings wrong, id like to know.
I have a Bind DNS server setup and running on windows. Im trying to set up my domain at namecheap to use my name servers but it keeps telling me that the nameserver isint registered.
I have the nameserver set up as ns1.domain.com and i can see that its listening on port 53.
I did a local test on the server and the DNS is working properly.