Firewalls: RE: NT 4.0 DNS & Split DNS ??

Firewalls
(February 1997)

Indexed By Thread: [Previous] [Next]

Subject:	RE: NT 4.0 DNS & Split DNS ??
From:	"Webb, Andy" <Andy . Webb @ swinc . com>
Date:	Mon, 17 Feb 1997 10:18:57 -0600
To:	"'firewalls @ GreatCircle . COM'" <firewalls @ GreatCircle . COM>, "'bve @ quadrix . com'" <bve @ quadrix . com>

A little clarification:

The DNS and RPC problems HAVE BEEN FIXED.  Go to Microsoft's FTP site
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfixe
s-postSP2/

and get:
dns_fix
rpc_fix
tcpip_fix
krnl_fix

The RPC fix is also available for NT 3.51 SP5.  Go to:
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT351/hotfix
es-postSP5/

and get:
rpc_fix

Posting this information is good.  But please try not to increase the
hysteria any by leaving out the fact that the fixes are available.  

regards
Andy
===================================================================
Andy Webb		"The clue meter is reading zero." - Dilbert
awebb @
 swinc .
 com		Simpler-Webb, Inc.		 Austin, TX
===================================================================

> -----Original Message-----
> From:	firewalls-owner @
 GreatCircle .
 COM
> [SMTP:firewalls-owner @
 GreatCircle .
 COM] On Behalf Of bve @
 quadrix .
 com
> Sent:	Monday, February 17, 1997 8:04 AM
> To:	firewalls @
 greatcircle .
 com
> Subject:	NT 4.0 DNS & Split DNS ??
> 
> 
>      From: Ken Hardy <ken @
 mailhost .
 bridge .
 com>
> 
>      Does anyone have any experience with NT4's DNS server?  Does it
> work
>      well with a split DNS environment?  With multiple subdomains &
>      primaries & all the other curves that can make split DNS a
> challenge?
> 
> 
> While I have no direct experience with NT's DNS server, I seem to
> remember
> mention on this list of it working well with other NT DNS servers, but
> not
> working properly with Unix-based servers, when one is a secondary of
> the other.
> The person reporting the problem at the time said that MS ackowledged
> that the
> incompatibility existed, but claimed that they had implemented the
> spec, and
> everyone else was wrong.  You may want to check on this, before
> counting on
> using it for split-DNS, unless you have all NT machines in the setup.
> 
> Also, check out the security advisories on NT's DNS server.  It can be
> crashed
> (for a nice DOS attack) simply by sending a reply to a request which
> was never
> made....  It *may* also be vulnerable to the "port 135" attack.  (Most
> of MS's
> networking code is vulnerable to random garbage sent to its ports --
> causes a
> runaway process which eats all idle time.)
> 
> 
> 				     -- Bill Van Emburg
> Phone: 908-235-2335			Quadrix Solutions, Inc.
> Fax:   908-235-2336			(bve @
 quadrix .
 com)
> Check out http://yourtown.com!		(http://quadrix.com)
> 	"You do what you want, and if you didn't, you don't"

Indexed By Date	Previous:	Re: Linux Tripwire-1.2 From: MinnNet Security <security @ minn . net>
Indexed By Date	Next:	Re: Linux Tripwire-1.2 From: Doug Paul <dbp @ dragonsys . com>
Indexed By Thread	Previous:	NT 4.0 DNS & Split DNS ?? From: bve @ quadrix . com (BVE)
Indexed By Thread	Next:	Blocking Pointcast (#2 - clarification) From: "Daniel J Blander - Sr. Systems Engineer for ACS" <Daniel . Blander @ ACSacs . Com>