LinuxSA Mailing list archives

  From: Alan Kennington <akenning@dog.topology.org>
  To  : LinuxSA <linuxsa@linuxsa.org.au>
  Date: Sat, 24 Feb 2001 13:33:30 +1030

a good reason to update your BIND!!

If logic and rational argument alone were not sufficient
reasons to get BIND updated quickly, here's a little
non-slashdot item on this:

http://www.theregister.co.uk/content/8/17163.html

To quote:

=========================================================
Computer hackers with a grudge against McDonalds have used a
subtle hacking technique to embarrass the burger chain online. 

Activists redirected surfers visiting McDonalds.co.uk to an
insecure box in a US university on which they placed a message
mocking McDonalds. 

[....]

According to Fredrik of Alldas.de: "What Fluffy Bunny did was
own the nameserver of mcdonalds.co.uk with the new BIND
bug, and then redirect the domain for one day or something to
an insecure computer where they had their message." 
=========================================================

Well, I don't know if I would call it a "subtle hacking technique".

So when you see this kinf of thing in your firewall log file:

Feb 24 10:28:13 dog kernel: IP fw-in deny ppp0 TCP 193.15.237.200:17552 203.48.2.142:53 L=40 S=0x00 I=39394 F=0x0000 T=228
Feb 24 10:28:13 dog kernel: IP fw-in deny ppp0 TCP 193.15.237.200:17552 203.48.2.159:53 L=40 S=0x00 I=39394 F=0x0000 T=228      

You know what they're looking for!

Cheerio,
Alan Kennington.

-- 
LinuxSA WWW: http://www.linuxsa.org.au/  IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject