DNS Amplification Attacks

This paper outlines a Distributed Denial of Service (DDoS) attack which abuses open recursive Domain Name System (DNS) name servers using spoofed UDP packets.

It's an amplification attack leveraging EDNS.

nscan patch

This patch against nscan v0.18 simply adds nbe as another report-type, which
is supported according to the output of 'nessus -h'
This is a more flexible output format since from it any of the other
formats created, using nessus -i infile.nbe -o outfile

Right Tool For the Job - Nessus

Good article about vulnerability scanning with nessus. Interesting that they chose to implement the scanner from a virtual machine, my recent installation of nessus 3.x on a VM (running under VMware's ESX server) produced a warning that running under a VM was not a great idea for performance reasons.

Bacula upgrade

Today I upgrade my FreeBSD-based bacula server, only to find it would not start. This was the error message:

franco# /usr/local/etc/rc.d/z-bacula.sh start
Starting the Bacula Storage daemon
Starting the Bacula File daemon
Starting the Bacula Director daemon
18-Mar 09:35 bacula-dir: Fatal error: Version error for database "bacula". Wanted 9, got 8
18-Mar 09:35 bacula-dir: Fatal error: Could not open database "bacula".
18-Mar 09:35 bacula-dir: Fatal error: Version error for database "bacula". Wanted 9, got 8
18-Mar 09:35 bacula-dir ERROR TERMINATION
Please correct configuration file: /usr/local/etc/bacula-dir.conf

Well it turns out that going from 1.36 to 1.38 involves a significant database change (I am using the MySQL backend), and the following command needs to be run.

franco# /usr/local/share/bacula/update_bacula_tables -p
Altering MySQL tables

This script will update a Bacula MySQL database from version 8 to 9
Depending on the size of your database,
this script may take several minutes to run.

Enter password:
Update of Bacula MySQL tables succeeded.