Wed 21 Sep 2005
I was recomiling Apache today to update a few modules to their latest versions, and ran into a problem I hadn’t seen before: the configure script complained that it couldn’t find libpng.(a|so) (meaning libpng.a or libpng.so). I did a bunch of searching online looking for solutions, and after trying a number of things that didn’t work, discovered the source of the problem: a recent Debian update had resulted in two versions of libpng being installed on my system. In such a case, the system apparently figures that neither version should be given precedence over the other, so the usual symbolic links that would have been named “libpng.a” and “libpng.so” didn’t get created. When I deleted the older package, the symlinks to the newer package magically appeared!
Prior to discovering that fix, one thing I’d tried was manually creating the symlink. It worked to a point, but the configure script then failed at the next step, where it was looking for png.h. Perhaps that was also fixed by removing the old libpng (after all, I’d compiled successfully before), or perhaps it was fixed by my having also installed the libpng-dev package.
As I write, I see in my terminal window that the compilation process has sucessfully passed the point where the error occurred.
October 25th, 2005 at 2:50 pm
Very Progressive. From Sans newsbites Vol. 7 Num 47:
STATISTICS, STUDIES & SURVEYS
–More Than 80 Percent of DNS Servers May be Vulnerable to Pharming
(24 October 2005)
The results of a recent survey indicate that 84 percent of DNS servers
around the world might be vulnerable to pharming attacks, which use DNS
cache poisoning or domain hijacking to redirect Internet users to
specially crafted web sites designed to steal their personal
information. Some suggestions for protecting against DNS
vulnerabilities include splitting external name servers into
authoritative name servers and forwarders, and restricting recursion and
filtering traffic to and from external name servers.
http://www.theregister.co.uk/2005/10/24/dns_security_survey/print.html
http://dns.measurement-factory.com/surveys/sum1.html
http://isc.sans.org/presentations/dnspoisoning.php
[Guest Editor Note (Pescatore): In the interest of disclosure, this
survey was funded by a company that sells secure DNS servers. However,
most thorough security audits do find that the majority of DNS servers
have glaring vulnerabilities.
(Ullrich): I think this study is missing the point. Pharming, or a DOS
attacks against the misconfigured DNS server creates part of the
problem, but the really big problem, Instead, is that open recursive DNS
servers can be used to amplify DDoS attacks.
(Tan): DNS poisoning is not something new. It just becomes more apparent
when coupled with phishing and fraud attacks. Securing DNS system isn’t
a rocket science. Protecting DNS/BIND has been one of SANS Top 20 items
since Year 2000. The steps are detailed at http://www.sans.org/top20/.
Enjoyed the post. Will there be a Tcpwrappers discussion in a future post?
Go Noles!
-Gater Hater