W2K and MAC OS9 Flood Root Nameservers?

← Back to Stories (view on slashdot.org)

W2K and MAC OS9 Flood Root Nameservers?

Posted by ryuzaki0 on Sunday April 21, 2002 @04:36AM from the unintentional-dos dept.

wizzy writes "Irelands toplevel domain registry has a notice on Microsoft and Apple DHCP clients sending dynamic DNS updates per RFC2136. The problem is they are not sufficiently careful about where they send it if they are in RFC1918 space - usually used for behind-firewall addressing, which is where they usually are.. This is resulting in bogus updates being sent at the rate of nearly one million an hour to root nameservers, only to be rejected - as reported on the NANOG mailing list."

9 of 238 comments (clear)

Min score:

Reason:

Sort:

just another reson by Kaoslord · 2002-04-21 04:40 · Score: 2, Insightful

just another reason to start using mac os X... or lets start educating people, i wonder how much resources those bad-changes make anyways....

--
Kaoslord [quote goes here] define("slashdot purity","67.5");
How to Fix? by 1stflight · 2002-04-21 04:43 · Score: 3, Insightful

Before everyone jumps down MS's throat (or Apple's) does anyone know how to reconfigure a system to fix this issue?

--
3000 dead over past 2 years, still no free Palestinians, still
Untrained Microsoft Sys Administrators... by weave · 2002-04-21 05:08 · Score: 4, Insightful

Thanks to stupid ad campaigns and Microsoft saying that Windows servers are easy to administer and don't require expensive experts, it causes the worth of Microsoft Sys Admins everywhere to be cheapened. As someone who administers Microsoft servers, it pisses me off enough that my bosses don't understand the level of intelligence required to properly administer large systems. Now I have Microsoft saying to the top Chiefs in orgs basically that you can get your Microsoft sys admins much cheaper than Unix admins.
Gee, thanks a lot.
So you get what you pay for. You drive down the perceived value of a Microsoft sys admin and you fill these positions with poorly trained or MCSE certified test takers with no real grasp of the larger issues involving administer *any* IT site.
Any competent sys admin would ensure crap like this doesn't happen, no matter what the OS is.
And if the gap in pay and value between Unix and Windows sys admins is widened, who in their right mind coming out of a CS degree in college (not some fly-by-night certification course) is going to want to use their training to specialize in the market that pays the least?
1. Re:Untrained Microsoft Sys Administrators... by Sander_ · 2002-04-21 05:53 · Score: 2, Insightful
  
  This specific problem isn't about wether M$ admins are good, bad, untrained, uninformed or if wether they are Gods(tm). This is a completely non-M$ issue.
  
  However, it looks bad for us who build and maintain networks and their security (or inherent lack thereof).
  
  Proper design is to have two or more DNS proxies in a DMZ (or better yet, two different DMZs facing two different ISPs), and they relay any proper queries, never let an internal client have direct access out in the wild.
  
  Hiding all kinds of cruft beind NAT'ing gateways only hides design problems and exports your bad descision to anyone who might be in your path on the Net.
  
  ttfn,
  A
2. Re:Untrained Microsoft Sys Administrators... by HiThere · 2002-04-21 07:09 · Score: 4, Insightful
  
  Truthfully, I'm surprised that the career of computer programmer has lasted as long as it has. (N.B.: I didn't say sys admin.)
  
  OTOH, the job has changed significantly in that time frame. I attribute it's longevity to the slowdown produced by the MS monopoly. (And, to an extent, I'm a bit grateful, in a guilty kind of way.) VisiCalc was the handwriting on the wall.
  
  However, this has just meant that the activity has shifted to a higher level. Now languages are expected to contain things like GUI building toolkits, or even full GUI builders. (Glade is an example here. It's relatively easy to add the ability to read the Glade XML file to a language.) N.B.: A language here is including not only the core features, but also the default libraries (e.g., Swing or AWT).
  
  I am less aware of the trends in system administration, but I assume that the same path is being followed. The early tools are clearly sub-optimal, but as time goes on they improve. They'd better. The ones that don't will fail to reproduce successfully.
  
  System administrators need to adapt to the changing environment. So do programmers. Both paths have a finite duration. (I.e., when computers start to manifest "common sense" the handwriting will be on the wall. Bloat be dammed!)
  
  Once upon a time I did a forecast of future employment trends (as a kind of academic exercise). I wrote it up as a paper titled "Be a garbage man". This was based on expected duration of the professions that I considered. Management is in a peculiar position here. The formal decision making that the managers engage in is clearly something that they are incompetent at. But if there isn't a person on the top of the pyramid, many people get quite upset. Thus, ignoring for the minute the obvious advantage a manager at the top has toward job presentation, human nature seems to ensure that the top of the pyramid will be a person. Possibly a figurehead (one can hope?), but a person.
  
  If one includes political considerations this whole projection thing becomes a lot more complex. And unmanageable. But notice that whenever political considerations enter the technical folk tend to get the short end of the stick (because they don't pay enough attention). This means you!
  
  Don't expect any job that you take to last for 20-40 years. At least not without evolving into something you wouldn't have recognized at the beginning. Any job.
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
Re:Same bug on two different OS's by SiMac · 2002-04-21 05:13 · Score: 3, Insightful

The TCP/IP is very, very different on those two different OSes.

Windows, IIRC, uses sockets. Mac OS 9 uses streams (although Mac OS X uses sockets). It's very unlikely that someone stole someone else's TCP/IP code, as much as I would like to blame Microsoft for stealing code...
These posts are annoying by Anonymous Coward · 2002-04-21 07:22 · Score: 2, Insightful

CmdrTaco, this news article has six links, but
only of them actually relates directly to this
particular piece of news. Please make it
more obvious which one is correct -- I'm tired
of having to move the mouse over each one and
see what the address is in order to try to figure
out which link actually gives me the news.

(please mod this up so people see it! this is
becoming a big problem on slashdot. and this is
anonymous, so it's not karma whoring)
Re:Forget firewalls by HiThere · 2002-04-21 07:24 · Score: 3, Insightful

"Why should I care?..."

That should probably rated +5 insightful. The local user needs to fix things, but isn't feeling any effect. At least none that he can see is related to the cause of the problem. And truthfully, no particular user is causing much of a problem. But there are so many of these machines that ...

It's basically a commercially sponsored DOS attach against the DNS servers. That's what it is if you strip everything but the basic features away. The only thing that's (probably) missing is the malice.

--

I think we've pushed this "anyone can grow up to be president" thing too far.
That's *Mac*OS 9 by Paladeen · 2002-04-21 11:49 · Score: 3, Insightful

What is it with people and writing MAC instead of Mac?

Mac is short for Macintosh, it's not a bleeding acronym! I can put up with it when it comes to ignorant posters, but seriously, shouldn't the Slashdot editors know better?