One brief note about yesterday’s DDoS vulnerability: This is the latest in a long line of vulnerabilities caused, arguably, by a development philosophy ISC employed in BIND 9, which amounts to, “If you see something funky, exit.” In this case, the “something funky” is an update prerequisite containing a type=ANY resource record, hence the error message:
db.c:659: REQUIRE(type != ((dns_rdatatype_t)dns_rdatatype_any)) failed
exiting (due to assertion failure).
Some of you may be hopping up and down (either literally or figuratively), shouting “The name server could just as easily have ignored the update and moved on!” That’s right, and that’s what ISC says BIND 10 will do. Here’s a quote from their BIND 10 project page:
“BIND 9, like most services of its era, responds to many errors by logging and exiting. This has the potential to turn minor problems into Denial of Service attacks. We believe that it will usually be possible for BIND 10 to reset itself and continue operation, but it will require both careful design and careful testing to ensure that reset-and-continue is the usual response to attacks.”
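The two philosophies side by side, as an added illustration in C (this is not ISC's BIND source; the zone contents, the names `check_prereq`, `process_prereqs`, `db_rrset_exists` and `db_name_in_use`, and the toy `REQUIRE` macro are all constructed for the example). The database layer states its contract with a REQUIRE-style assertion, exactly the shape of the quoted failure, so any caller that hands it a type=ANY lookup takes the whole process down. The update handler in front of it instead classifies each prerequisite by the RFC 2136 class/type rules and answers a malformed one with FORMERR, so the same input costs one request rather than the server:

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef uint16_t rdatatype_t;
typedef uint16_t rdataclass_t;

/* Wire values from RFC 1035 / RFC 2136. */
#define RDATATYPE_A      1
#define RDATATYPE_ANY    255
#define RDATACLASS_IN    1
#define RDATACLASS_NONE  254
#define RDATACLASS_ANY   255

/* Response codes an update handler returns for prerequisite checks (RFC 2136 2.2). */
enum rcode {
    RCODE_NOERROR = 0, RCODE_FORMERR = 1, RCODE_NXDOMAIN = 3,
    RCODE_YXDOMAIN = 6, RCODE_YXRRSET = 7, RCODE_NXRRSET = 8
};

/* One record from the prerequisite section (rdata omitted in this toy). */
struct prereq {
    const char  *name;
    rdataclass_t rdclass;
    rdatatype_t  type;
};

/*
 * The "exit" philosophy: the database layer states its contract as a
 * REQUIRE-style assertion. Breaking the contract aborts the whole process,
 * so one malformed request stops service for every client.
 */
#define REQUIRE(cond) do {                                                 \
        if (!(cond)) {                                                     \
            fprintf(stderr, "%s:%d: REQUIRE(%s) failed\n"                   \
                            "exiting (due to assertion failure).\n",       \
                    __FILE__, __LINE__, #cond);                            \
            abort();                                                       \
        }                                                                  \
    } while (0)

/* Constructed zone contents: www.example.com has exactly one A RRset. */
static int db_name_in_use(const char *name)
{
    return strcmp(name, "www.example.com") == 0;
}

static int db_rrset_exists(const char *name, rdatatype_t type)
{
    REQUIRE(type != RDATATYPE_ANY);   /* the contract behind the quoted failure */
    return db_name_in_use(name) && type == RDATATYPE_A;
}

/*
 * The "reject and continue" philosophy: classify the prerequisite at the
 * message boundary (RFC 2136 3.2.1) and refuse anything malformed with
 * FORMERR before it can reach a routine whose contract it would violate.
 */
static enum rcode check_prereq(const char *name, rdataclass_t rdclass,
                               rdatatype_t type, rdataclass_t zclass)
{
    if (rdclass == RDATACLASS_ANY) {
        if (type == RDATATYPE_ANY)              /* "name is in use" */
            return db_name_in_use(name) ? RCODE_NOERROR : RCODE_NXDOMAIN;
        return db_rrset_exists(name, type) ? RCODE_NOERROR : RCODE_NXRRSET;
    }
    if (rdclass == RDATACLASS_NONE) {
        if (type == RDATATYPE_ANY)              /* "name is not in use" */
            return db_name_in_use(name) ? RCODE_YXDOMAIN : RCODE_NOERROR;
        return db_rrset_exists(name, type) ? RCODE_YXRRSET : RCODE_NOERROR;
    }
    if (rdclass == zclass) {
        /* Value-dependent "RRset exists": the record carries concrete rdata,
         * so a wildcard type is not a valid request. Rejecting it here is the
         * difference between one failed request and a dead server. */
        if (type == RDATATYPE_ANY)
            return RCODE_FORMERR;
        return db_rrset_exists(name, type) ? RCODE_NOERROR : RCODE_NXRRSET;
    }
    return RCODE_FORMERR;                       /* any other class is malformed */
}

/* Walk a prerequisite section; the first failing prerequisite decides the rcode. */
static enum rcode process_prereqs(const struct prereq *prs, size_t n, rdataclass_t zclass)
{
    for (size_t i = 0; i < n; i++) {
        enum rcode rc = check_prereq(prs[i].name, prs[i].rdclass, prs[i].type, zclass);
        if (rc != RCODE_NOERROR)
            return rc;
    }
    return RCODE_NOERROR;
}

int main(void)
{
    /* Constructed update: one legitimate prerequisite followed by a malformed one. */
    const struct prereq section[] = {
        { "www.example.com", RDATACLASS_ANY, RDATATYPE_A },
        { "www.example.com", RDATACLASS_IN,  RDATATYPE_ANY },
    };
    enum rcode rc = process_prereqs(section, 2, RDATACLASS_IN);
    printf("update rcode = %d (1 = FORMERR), server still running\n", rc);
    return 0;
}
```

The point of the layering is where the check lives: the assertion in `db_rrset_exists` is still correct as a statement of that function's contract, but a contract violation must be caught by the code that parses untrusted input, where the only sane response is an error code for that one client.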
Yet another reason to look forward to BIND 10!
Well, that and the opportunity to sell more books.