[Snort-users] any rule for BIND 9 Resolver DoS?

Jason Haar Jason_Haar at ...15306...
Wed Nov 16 18:56:33 EST 2011


Just saw this on SANS. DoS causes Bind 9 to crash across .edu domains -
suspected attack.

http://isc.sans.edu/diary.html?storyid=12049&rss
http://www.isc.org/software/bind/advisories/cve-2011-tbd


Anyone got packets? (or rules of course)

-- 
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +1 408 481 8171
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1





More information about the Snort-users mailing list