[[Categoría:Networking]]
[[Categoría:Seguridad]]
>** Pasos a seguir **
===== Patchear OpenBSD 4.3 Bind Cache Poisoning Vulnerability =====
[[http://www.undeadly.org/cgi?action=article&sid=20080723204659&mode=expanded|Salio el patch]] para el [[http://isc.dshield.org/diary.html?storyid=4687|famoso fallo de DNS]] del cual tanto se esta hablando.
Pasos a seguir para fixear tu obsd 4.3:
# cd /usr/src
# ftp ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/004_bind.patch
Connected to openbsd.sunsite.ualberta.ca.
220-
220- Welcome to SunSITE Alberta
220-
220- at the University of Alberta, in Edmonton, Alberta, Canada
220-
220-All connections to and transfers from this server are logged. If
220-you do not like this policy, please disconnect now.
220-
220-You may want to grab the index file called "ls-lR.gz" in /pub. It is
220-updated nightly with the contents of the ftp tree.
220-
220- If you have any questions, hints, or requests, please email
220-
220- sunsite@sunsite.ualberta.ca
220-
220
331 Who are you impersonating today?
230-
230- Welcome to Sunsite Alberta
230- Login Successful.
230 Your data rate unrestricted
Remote system type is UNIX.
Using binary mode to transfer files.
200 Switching to Binary mode.
250 Directory successfully changed.
Retrieving pub/OpenBSD/patches/4.3/common/004_bind.patch
local: 004_bind.patch remote: 004_bind.patch
227 Entering Passive Mode (129,128,5,191,168,71)
150 Opening BINARY mode data connection for 004_bind.patch (61696 bytes).
100% |****************************************************************************| 61696 00:02
226 Wow, that seems to have worked.
61696 bytes received in 2.08 seconds (28.94 KB/s)
221 Goodbye.
# patch -p0 < 004_bind.patch
# cd usr.sbin/bind
# make -f Makefile.bsd-wrapper obj
# make -f Makefile.bsd-wrapper
# make -f Makefile.bsd-wrapper install
===== Descargar código fuente =====
No te olvides que para realizar esto necesitas el código fuente
# cd /usr/src
# ftp ftp://ftp.openbsd.org/pub/OpenBSD/4.3/src.tar.gz
# tar -xzf src.tar.gz