--
BIND 9.1.0 has been released. Compared to BIND 9.0, BIND 9.1 has a
number of new features as well as numerous bug fixes and cleanups.
The new features include:
- Many BIND 8 features previously unimplemented in BIND 9,
including domain-specific forwarding, the $GENERATE
master file directive, and the "blackhole", "dialup",
and "sortlist" options
- Forwarding of dynamic update requests; this is enabled
by the "allow-update-forwarding" option
- A new, simplified database interface and a number of
sample drivers based on it; see doc/misc/sdb for details
- Support for building single-threaded servers for
environments that do not supply POSIX threads
- New configuration options: "min-refresh-time",
"max-refresh-time", "min-retry-time", "max-retry-time",
"additional-from-auth", "additional-from-cache",
"notify explicit"
- Faster lookups, particularly in large zones.
Submitted by Brian Caswell <bmc@mitre.org>.
ndiff compares two nmap scans and outputs the differences. It
allows monitoring of your network(s) for interesting changes in
port states and visible hosts.
Ethereal 0.8.15 has one of the biggest GUI changes in recent history;
display filters can now be constructed via an easy-to-use point-and-click
interface. Protocol dissectors now exist for: NFSv4, Mobile IPv6, X.25
over TCP, LAPBETHER, DEC LANBridge Spanning Tree Protocol, X.25 over LLC,
Frame Relay, MTP3 User Adaptation Layer, and ISDN Q.921 User Adaptation
Layer. Many other dissectors and core features were improved, and bugs
were squashed. The wiretap library can now read Sniffer Frame Relay files.
Capturing supports the "any" pseudo-device on Linux if you use libpcap 0.6
from www.tcpdump.org.
probes/attacks. Courtney receives input from tcpdump counting the
number of new services a machine originates within a certain time
window. If one machine connects to numerous services within that
time window, courtney identifies that machine as a potential SATAN
host.
Submitted by: Brian Caswell <bmc@mitre.org>
- update to 1.03
Major changes:
* dnscache drops old UDP queries in favor of new ones, and drops old
TCP connections in favor of new ones.
* dnscache supports $FORWARDONLY to forward queries to another cache.
The other cache is listed in root/servers/@.
* dnscache returns TTLs by default, so it can be used as the target
of forwarding.
* dnstrace | dnstracesort produces output that's very easy to scan.
Try dnstrace a www.netscape.com 198.41.0.4 | dnstracesort | less.
- allow concurrent builds.
- respect CFLAGS.
- no need to set ALL_TARGET or WRKDIST.
- do not override install target, use post-install.
- mkdir -> INSTALL_DATA_DIR.
Submitted by Vladimir Popov <pva48@mail.ru>.
WMnet polls network statistics and does a few things with the data it gets.
It has small blinking lights for the rx and tx of IP packets, a digital
speedometer of your polled stat's current speed and a bar graph like xload
et. al which has a tx speed graph from bottom-up and rx speed graph from
the top-down.
interface, but 80-90% of the code isn't text mode specific, so other UIs could
be created pretty easily. Also, Irssi isn't really even IRC specific anymore,
there's already a working SILC module available. Support for other protocols
like ICQ could be created some day too.
within the resolver code makes it possible to overwrite stack
variables by generating a malformed DNS packet. This problem makes
it possible to create a situation where a malicious user may be
able to execute code remotely with the UID and GID of the BitchX
client. It is necessary for an attacker to control their own DNS
to exploit this bug.
