Major changes:
* tinydns automatically returns a random set of 8 addresses, in a
random order, from a cluster of any size.
* tinydns supports client differentiation. There's no longer any
reason to use pickdns.
* dnstracesort prints glue information. This reveals all sorts of
interesting inconsistencies.
--
BIND 9.1.0 has been released. Compared to BIND 9.0, BIND 9.1 has a
number of new features as well as numerous bug fixes and cleanups.
The new features include:
- Many BIND 8 features previously unimplemented in BIND 9,
including domain-specific forwarding, the $GENERATE
master file directive, and the "blackhole", "dialup",
and "sortlist" options
- Forwarding of dynamic update requests; this is enabled
by the "allow-update-forwarding" option
- A new, simplified database interface and a number of
sample drivers based on it; see doc/misc/sdb for details
- Support for building single-threaded servers for
environments that do not supply POSIX threads
- New configuration options: "min-refresh-time",
"max-refresh-time", "min-retry-time", "max-retry-time",
"additional-from-auth", "additional-from-cache",
"notify explicit"
- Faster lookups, particularly in large zones.
Submitted by Brian Caswell <bmc@mitre.org>.
ndiff compares two nmap scans and outputs the differences. It
allows monitoring of your network(s) for interesting changes in
port states and visible hosts.
Ethereal 0.8.15 has one of the biggest GUI changes in recent history;
display filters can now be constructed via an easy-to-use point-and-click
interface. Protocol dissectors now exist for: NFSv4, Mobile IPv6, X.25
over TCP, LAPBETHER, DEC LANBridge Spanning Tree Protocol, X.25 over LLC,
Frame Relay, MTP3 User Adaptation Layer, and ISDN Q.921 User Adaptation
Layer. Many other dissectors and core features were improved, and bugs
were squashed. The wiretap library can now read Sniffer Frame Relay files.
Capturing supports the "any" pseudo-device on Linux if you use libpcap 0.6
from www.tcpdump.org.
probes/attacks. Courtney receives input from tcpdump counting the
number of new services a machine originates within a certain time
window. If one machine connects to numerous services within that
time window, courtney identifies that machine as a potential SATAN
host.
Submitted by: Brian Caswell <bmc@mitre.org>
- update to 1.03
Major changes:
* dnscache drops old UDP queries in favor of new ones, and drops old
TCP connections in favor of new ones.
* dnscache supports $FORWARDONLY to forward queries to another cache.
The other cache is listed in root/servers/@.
* dnscache returns TTLs by default, so it can be used as the target
of forwarding.
* dnstrace | dnstracesort produces output that's very easy to scan.
Try dnstrace a www.netscape.com 198.41.0.4 | dnstracesort | less.
