Glibc update and bind failures


Subject: Glibc update and bind failures
From: Darron Froese (darron@fudgehead.com)
Date: Mon Dec 27 1999 - 18:02:09 MST


Dan and List,

Ever since we updated our glibc to install the OpenSSH (because of the
ssh/RSAREF exploit) our name server requests from those updated machines
have been failing randomly - there doesn't seem to be any pattern. Here's
an example:

The original message was received at Mon, 27 Dec 1999 15:39:16 -0700
from localhost

   ----- The following addresses had permanent fatal errors -----
<nobody@scully.fudgehead.com>

   ----- Transcript of session follows -----
550 <nobody@scully.fudgehead.com>... Host unknown (Name server:
scully.fudgehead.com.: host not found)

    [ Part 2: "Delivery Status" ]

Reporting-MTA: dns; mulder.fudgehead.com
Received-From-MTA: DNS; [209.91.88.196]
Arrival-Date: Mon, 27 Dec 1999 15:39:16 -0700

Final-Recipient: RFC822; nobody@scully.fudgehead.com
Action: failed
Status: 5.1.2
Remote-MTA: DNS; scully.fudgehead.com
Last-Attempt-Date: Mon, 27 Dec 1999 15:39:17 -0700

    [ Part 3: "Included Message" ]

Date: Mon, 27 Dec 1999 15:39:16 -0700
From: Mail Delivery Subsystem <MAILER-DAEMON>
To: nobody@scully.fudgehead.com
Subject: Returned mail: Host unknown (Name server: mail.briercrest.ca.:
host
    not found)

The original message was received at Mon, 27 Dec 1999 15:39:15 -0700
from IDENT:root@[209.91.88.196]

   ----- The following addresses had permanent fatal errors -----
<info@slyngshot.com>

   ----- Transcript of session follows -----
550 <info@slyngshot.com>... Host unknown (Name server:
mail.briercrest.ca.:
host not found)

    [ Part 3.2: "Delivery Status" ]

Reporting-MTA: dns; mulder.fudgehead.com
Received-From-MTA: DNS; [209.91.88.196]
Arrival-Date: Mon, 27 Dec 1999 15:39:15 -0700

Final-Recipient: RFC822; lharder@briercrest.ca
Action: failed
Status: 5.1.2
Remote-MTA: DNS; mail.briercrest.ca
Last-Attempt-Date: Mon, 27 Dec 1999 15:39:16 -0700

I thought it may have been the bind that was updated but that has been put
back to the original binaries with no changes in the failures.

As a result - I have to remove the OpenSSH and the updated glibc - is
there a safe way to do the updated glibc? I can just recompile ssh without
RSAREF - which in retrospect I should have done - and that will take care
of that exploit but I'm just not sure where to start with the glibc.

Can I just "rpm -i old-glibc --force" without screwing anything up?

Any help would really be appreciated muchly. Thanks.

Darron
darron@fudgehead.com
<http://darron.odi.ca/>


