Check or Attack Name: dnsupdates

The BIND name server is compiled to allow dynamic updates via the -DALLOW_UPDATES define. Allowing dynamic updates permits an attacker to corrupt your server.

Recompile your name server without the -DALLOW_UPDATES option.

Refer to your vendor's documentation for more information. For more information or an updated version of BIND, see the Internet Software Consortium's (ISC) BIND page at http://www.isc.org/bind.html.

Internet Software Consortium (ISC), BIND (Berkeley Internet Name Domain) page, http://www.isc.org/bind.html