The Berkeley Internet Name Domain (BIND) software that’s used to connect HP 3000s to the Internet appears to be vulnerable to a new security advisory from the Internet Security Systems on Nov. 12. ISS said that BIND software version 8, which includes the HP 3000’s MPE/iX version, can be subject to Denial of Service attacks. “The vulnerabilities described in this advisory affect nearly all currently deployed recursive DNS servers on the Internet,” said the ISS report on the Web; full details are at bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=2146.

HP engineer Mark Bixby has ported the 8.2.4 release of BIND to MPE/iX, but ISS advisory reports that 8.2.7 is the earliest release of Version 8 that isn’t vulnerable to attacks. Computerworld reported that BIND software for all servers, the module necessary to let HP 3000s act as named hosts for Web IP addresses such as 3000newswire.com, has been listed as one of the top 20 security vulnerabilities by the FBI.