DNS patch slows BIND servers

Share this article:

Patches designed to address the recently publicized DNS flaw have slowed servers running the Berkeley Internet Name Domain (BIND) system, which is used on the majority of name-serving machines on the internet.

In a notice posted on a BIND mailing list, Paul Vixie, head of the Internet Systems Consortium (ISC), said there were issues that might affect the performance of high-traffic recursive servers that received more than 10,000 queries a second. He said an update of the patch [P2] for BIND will be available in the next week or so. This would “allow TCP queries and zone transfers while issuing as many outstanding UDP queries as possible”.

He added that organizations should not hold off installing P1, which was launched on July 8, in the meantime – even if servers run slowly as a result – because the vulnerability would result in a far worse scenario. Beta versions of the second patch for BIND 9.4.3 and BIND 9.5.1 are currently available.

Microsoft's first-round DNS patch (MS08-037) has also caused problems; in a post to its SBS blog, Microsoft said “some services may fail to start or may not work properly after installing MS08-037.”

 

 

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Reported breaches involving zero-day bug at JPMorgan Chase, other banks

Reported breaches involving zero-day bug at JPMorgan Chase, ...

Hackers exploited a zero-day vulnerability and gained access to sensitive information from JPMorgan Chase and at least four other financial institutions, reports indicate.

Data on 97K Bugzilla users posted online for about three months

During a migration of the testing server for test builds of Bugzilla software, data on about 97,000 Bugzilla users was inadvertently posted publicly online.

Chinese national had access to data on 5M Arizona drivers, possible breach ...

Although Lizhong Fan left the U.S. in 2007, the agencies responsible for giving him access to Americans' personal information have yet to disclose the details of the case to the public.