Internetblog.org.uk Web hosting, Domain names, Dedicated servers
A DoS (denial of service) security bug has been found in BIND, and the Internet Systems Consortium (ISC) is recommending that users upgrade immediately. BIND, which stands for Berkeley Internet Name Domain is the most widely used and accepted DNS server. Most Linux and other Unix-like server run BIND, and therefore, most web hosting servers are potentially at risk.
An attacker would need to send a “specially-crafted” update message to a DNS zone, causing the entire server to crash. There are no workarounds for the bug, according o ISC, and the only way to fix the problem is to upgrade from the affected version (Bind 9) to one of the versions listed on their site.
Web hosting servers running Linux distributions normally receive security updates directly from their distributions’ repositories. It will be up to major server-based Linux vendors like Redhat and Novell to distribute the security patches in a timely fashion. ISC is the organization responsible for maintaining BIND. It is a non-profit organization.
