Profile

Cover photo
Internet Systems Consortium
161 followers|29,417 views
AboutPostsPhotosYouTube

Stream

1
1
Add a comment...
1
Add a comment...
 
9.10.3 will include a few new features which have been shown to help mitigate the impact of the pseudo-random domain DDoS on resolvers.
BIND 9.9.8/9.10.3 BETA test begins
Tue, August 4, 2015, 10:00 PM

1
Add a comment...
 
Another great loss, Casper Bowden, a British privacy advocate who campaigned against the UK's key-escrow cryptography policy also passed away last week. 
Caspar Bowden, a leading British privacy advocate most well known for foreshadowing the revelations made by Edward Snowden, died of a fast-spreading skin cancer on Thursday in southern France, where he lived, his wife Sandi announced on Twitter.
1
1
Add a comment...
1
Add a comment...
 
ISC DHCP 4.3.3b1 and 4.1-ESV-R12b1 are now available for download.

These are the beta versions of ISC DHCP 4.3.3 and 4.1-ESVR12, which are maintenance releases.  Among many other bug fixes, we have included a number of LDAP patches contributed by the community.

Field testing is an important part of our quality process.  We welcome and need our user base to beta test our upcoming releases. Please report bugs to dhcp-bugs@isc.org, and report that you have tried the release, and any general observations, to dhcp-users@lists.isc.org.

Note Well: In the past our process was to release the beta, then
a week later to release a release candidate and then a week after
that to release the final version.  We concluded that this did
not provide users a large enough window to get the beta, test it
and report any bugs back to us.  In addition the release candidate
didn't serve much purpose.  For this release we are changing our
process.  We shall release the beta and then roughly one month
later (currently scheduled for September 1st) release the final
version.  This schedule may be altered depending on what, if any,
bugs are reported during the beta window.

A list of the changes in this release has been appended to the end
of this message.  For a complete list of changes from any previous
release, please consult the RELNOTES file within the source distribution.

https://www.isc.org/downloads/DHCP/
All IP devices need addresses, and ISC DHCP is the easiest and most efficient way to provide them. ISC DHCP is open source software that implements the Dynamic Host Configuration Protocol for connection to an IP network. It is production-grade software that offers a complete solution for ...
1
Add a comment...
 
We have just published a BIND security vulnerability, CVE-2015-5477: An error in handling TKEY queries can cause named to exit with a REQUIRE assertion failure.  The official CVE announcement is here: https://kb.isc.org/article/AA-01272

This impacts both Resolvers and Authoritative servers, from 9.1.0 onwards.  Patch releases are posted for BIND 9.9.7 and 9.10.2. 

Found by Jonathan Foote, using the American Fuzzy Lop tool.  
american fuzzy lop (1.84b). American fuzzy lop is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary.
2
1
Add a comment...
Story
Tagline
Developers and maintainers of Critical Internet Infrastructure software and services
Introduction
Developer and distributor of BIND, ISC DHCP and Kea. Operator of F-root, one of 13 Internet root name servers. Network status at status.isc.org
Contact Information
Contact info
Email