Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Subject: Re: why is bash trying to access my DNS?
From: David Means <dmeans AT the-means DOT net>
To: cygwin AT cygwin DOT com
In-Reply-To: <5.2.0.9.2.20030303205644.02eeb590@pop3.cris.com>
References: <5 DOT 2 DOT 0 DOT 9 DOT 2 DOT 20030303194254 DOT 02a82a30 AT pop3 DOT cris DOT com>
	 <ARRAY(0x9d0fa5c)> <5 DOT 2 DOT 0 DOT 9 DOT 2 DOT 20030303194254 DOT 02a82a30 AT pop3 DOT cris DOT com>
	 <5 DOT 2 DOT 0 DOT 9 DOT 2 DOT 20030303205644 DOT 02eeb590 AT pop3 DOT cris DOT com>
Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-a+wxAefNBCOc9+c+zG5i"
Organization: The-Means.net
Message-Id: <1046755222.23310.37.camel@milo>
Mime-Version: 1.0
Date: 04 Mar 2003 00:20:22 -0500

--=-a+wxAefNBCOc9+c+zG5i
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Mon, 2003-03-03 at 23:59, Randall R Schulz wrote:
> Geoffrey,
>=20
> Exactly what sneaky data can get sent in a DNS request?
>=20
> Oops. I mean what data can be sneakily sent via a DNS request.
>=20
> Oops. I mean what data can sneakily be sent via a DNS request.
>=20
> Randall Schulz

Actually, plenty.  Historically, Bind has been easily hacked.  Although
it's been a while since a good vulnerablity was found in Bind, that
doesn't mean there's not an unknown hole in it which could be exploited.

However, in order to exploit such a hole, the attacking system has to
be, in one way or another, "owned".  Anybody with the presence of mind
to be running ZoneAlarm (or something similar) would certianly know if
there system(s) had been compromised in such a fashion.




>=20
{ snip }

--=20
David Means

Real programs don't eat cache.

--=-a+wxAefNBCOc9+c+zG5i
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEABECAAYFAj5kN5UACgkQUd0KwqAz4arR6QCePPiqHIyQZP3J+K6a9z6Ebi1P
L5UAnRXJ/lKVASRjdWxVxPVPsluQFR4+
=WPOZ
-----END PGP SIGNATURE-----

--=-a+wxAefNBCOc9+c+zG5i--