Nathan J. Mehl wrote:
In the immortal words of Michael.Dillon@radianz.com (Michael.Dillon@radianz.com):
> I suggest that an appropriate technique would be for the BIND server to
> originate traffic on its local subnet that would look suspicious and
> possibly trigger intrusion alarms.
I'm a little stuck for a proper analogy for this. A car that
"helpfully" starts emitting noxious smoke to let you know that it's
time for a tune-up?
A car whose brakes start to squeal annoyingly telling you they're
about to wear out?
machine that replaces the outgoing message with a stream of
profanities to alert callers that the incoming message tape is full?
Cash register tape that turns an ugly pink or green towards the end of
Cell phones, pagers, and fifty zillion other electronic devices that
beep or buzz endlessly when the battery starts to run low?
Not that I agree that making BIND self-destruct or send off alarms is
a particularly workable idea. Even if someone comes up with a
beautiful system for this, it's probably all moot. How many vendors
of binary distributions aren't just going to rip the code back out
(BIND being freely modifiable open source)? Doing so reduces the
number of confused and panicked calls from clients when BIND does
whatever weird things it is programmed to, and also would reduce the
pressure for instant patches whenever BIND self-destructs. What vendor
in their right mind would leave it in?