1. BIND weaknesses: nxt, qinv and in.named allow immediate root compromise.
The Berkeley Internet Name Domain (BIND) package is the most widely used implementation of the Domain Name System (DNS) -- the critical means by which we all locate systems on the Internet by name (e.g., http://www.sans.org) without having to know specific IP addresses -- and this makes it a favorite target for attack. Sadly, according to a mid-1999 survey, about 50% of all DNS servers connected to the Internet were running vulnerable versions of BIND. In a typical example of a BIND attack, intruders erased the system logs and installed tools to gain administrative access. They then compiled and installed IRC utilities and network scanning tools, which they used to scan more than a dozen class-B networks in search of additional systems running vulnerable versions of BIND. In a matter of minutes, they had used the compromised system to attack hundreds of remote systems abroad, resulting in many additional successful compromises. This illustrates the chaos that can result from a single vulnerability in the software for ubiquitous Internet services such as DNS.
Systems Affected:
Multiple UNIX and Linux systems
CVE Entries:
nxt CVE-1999-0833
qinv CVE-1999-0009
Other related entries CVE-1999-0835, CVE-1999-0848, CVE-1999-0849, CVE-1999-0851
Advice on correcting the problem:
A. Disable the BIND name daemon (named) on all systems that are not authorized to be DNS servers. Some experts recommend you also remove the DNS software.
B. On machines that are authorized DNS servers, update to the latest version and patch level. Use the guidance contained in the following advisories:
For the NXT vulnerability:
http://www.cert.org/advisories/CA-99-14-bind.html
For the QINV (Inverse Query) and NAMED vulnerabilities:
http://www.cert.org/advisories/CA-98.05 ... blems.html
http://www.cert.org/summaries/CS-98.04.html
C. Run BIND as a non-privileged user, so that a future remote compromise of named yields an unprivileged account rather than root. (On UNIX only a process running as root can bind a port below 1024, and DNS listens on port 53. named must therefore start as root, bind port 53, and only then switch to an unprivileged user and group; recent versions of BIND do this when started with the -u option naming a dedicated, otherwise-unused account. Dropping privileges limits the damage of an overflow, it does not prevent one, so this is a complement to patching, not a substitute.)
D. Run BIND in a chroot()ed directory structure, so that an intruder who does compromise named is confined to a directory tree containing only what named needs (its configuration, zone files, and whatever libraries and device nodes the build requires) and cannot reach the rest of the file system. Recent versions of BIND chroot themselves when started with the -t option; the chroot must happen while named is still root, before the user change in step C.
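The ordering that steps C and D impose (bind the privileged port first, chroot while still root, then switch uid/gid last and verify that root cannot be regained) is easy to get wrong in a daemon. The following is an added example written for this page, not code from BIND itself; it shows the sequence in plain POSIX C, with a self-check that the privilege drop actually took effect and is irreversible. The jail path /var/named and the uid/gid 65534 in main() are illustrative assumptions; a real deployment would take them from the passwd entry of a dedicated account. main() must be started as root to bind port 53 and to call chroot().

```c
#define _DEFAULT_SOURCE 1
#include <arpa/inet.h>
#include <grp.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Open a UDP socket bound to `port` on all interfaces. Binding a port below
 * 1024 needs root, which is why this must happen BEFORE privileges are dropped.
 * Returns the descriptor or -1. */
int bind_udp(uint16_t port) {
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0)
        return -1;
    struct sockaddr_in sa;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_addr.s_addr = htonl(INADDR_ANY);
    sa.sin_port = htons(port);
    if (bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Confine the process to `dir`. chdir into the jail first, chroot, then
 * chdir("/") again so no open directory handle points outside the new root.
 * chroot() itself requires root, so this runs before the uid change. */
int confine(const char *dir) {
    if (chdir(dir) < 0)
        return -1;
    if (chroot(dir) < 0)
        return -1;
    if (chdir("/") < 0)
        return -1;
    return 0;
}

/* Irreversibly switch to uid/gid. Order matters: clear supplementary groups
 * and set the gid while still root, and change the uid last, because once the
 * uid is non-zero the group calls would fail. Returns 0 only if every id
 * changed AND root cannot be regained afterwards; -1 otherwise. */
int drop_privileges(uid_t uid, gid_t gid) {
    if (uid == 0)                 /* "dropping" to root is a misconfiguration */
        return -1;
    if (geteuid() == 0 && setgroups(0, NULL) < 0)
        return -1;                /* only root may clear supplementary groups */
    if (setgid(gid) < 0)
        return -1;
    if (setuid(uid) < 0)
        return -1;
    /* Verify the drop: real and effective ids must match the target ... */
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid)
        return -1;
    /* ... and any attempt to become root again must now fail. */
    if (setuid(0) == 0 || seteuid(0) == 0)
        return -1;
    return 0;
}

/* The startup sequence steps C and D call for, in the only order that works:
 * take the privileged port, enter the jail, then give up root. Returns the
 * bound socket, or -1 (with the socket closed) if any step fails. */
int start_confined(uint16_t port, const char *jail, uid_t uid, gid_t gid) {
    int fd = bind_udp(port);
    if (fd < 0)
        return -1;
    if (confine(jail) < 0 || drop_privileges(uid, gid) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

int main(void) {
    /* Assumed values: the equivalent of "named -u <user> -t /var/named" with an
     * account whose uid/gid are 65534. Must be started as root. */
    int fd = start_confined(53, "/var/named", 65534, 65534);
    if (fd < 0) {
        perror("start_confined");
        return 1;
    }
    printf("listening on udp/53 as uid %u inside the jail\n", (unsigned)geteuid());
    close(fd);
    return 0;
}
```

Run as an ordinary user, bind_udp(53) fails with EACCES, which is exactly why named cannot simply be started as the unprivileged account; run as root, start_confined() succeeds and the process ends up unable to call setuid(0) again. The same checks are worth keeping in any daemon that drops privileges: a setuid() call that silently fails leaves the process running as root while the operator believes it is confined.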