SoftWareRevue
09-18-2001, 11:06 AM
I received the following quote as an email from someone that used to host one of my sites.
Anyone know what this means?
"Our dns server was hacked last night and is still in the progress of being rebuilt. It should be up shortly."
I've just never heard this expression before.
remarkable
09-18-2001, 11:47 AM
Simple..
Their DNS server (the server that resolves IP to Names and Names to IPs) was hacked (compromised, exploited, violated).
I guess they never updated their Bind to a newer version.
As mentioned above it probably was a Bind exploit. I will never understand why so many people still use Bind (and Sendmail and Windows...) There are much better alternatives, yet so many people just use whatever was already installed, or whatever the rest of the world uses.
djbdns aka tinydns :) http://cr.yp.to
jolly
09-19-2001, 03:18 AM
Will this hacking affect the domains with multiple nameservers?
:)
It certainly could, depending on what exactly was done.
If they simply took down the DNS server, most agents/caches will fall back to one of the other listed name servers.
If, however, they changed the DNS entries to point somewhere else, where the "hacked" name server is in fact returning a valid response, then you have a 50% (or 33% if you have two secondaries, etc) chance of getting the wrong location.
I second TinyDNS, btw, which is what I use personally. I don't think I've ever heard of an instance where it has been compromised, and the author even offers a reward if anyone finds any holes in it.
<EDIT>
Another thing... on the multiple name servers issue, if the secondaries are set up to mirror the primary, and the primary was hacked, the secondaries could very well "self-hack" by mirroring the bad cache. I know of an instance where a very large provider had a problem where their fall-over servers mirrored a corrupted name server, and their whole system was trashed...
</EDIT>
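Added example, not part of any post in this thread: a small Python check for the cases described in the post above (server down, altered records on one server, secondaries mirroring the altered zone). It compares each nameserver's answer to a known-good baseline kept off the DNS servers. The nameserver names, addresses and scenarios are constructed placeholders, and the uniform choice between servers is the post's own simplifying assumption.

```python
# Constructed sample data: addresses are documentation ranges (RFC 5737).
GOOD = frozenset({"192.0.2.10"})    # known-good A record, stored outside DNS
BAD = frozenset({"203.0.113.66"})   # what an altered zone would return

def audit(baseline, observed):
    """observed maps nameserver -> set of A records it returned, or None if
    it did not answer. In practice each set could be collected with
    `dig @<nameserver> <name> A +short`."""
    answering = {ns: frozenset(a) for ns, a in observed.items() if a is not None}
    down = sorted(ns for ns, a in observed.items() if a is None)
    wrong = sorted(ns for ns, a in answering.items() if a != baseline)
    return {
        "down": down,
        "wrong": wrong,
        # Cross-server comparison: catches one altered server among good ones.
        "servers_disagree": len(set(answering.values())) > 1,
        # Share of answering servers giving a non-baseline answer, i.e. the
        # chance of a wrong reply if a resolver picks one uniformly.
        "wrong_fraction": len(wrong) / len(answering) if answering else 0.0,
    }

SCENARIOS = {
    "primary taken down": {"ns1": None, "ns2": GOOD},
    "primary altered, one secondary": {"ns1": BAD, "ns2": GOOD},
    "primary altered, two secondaries": {"ns1": BAD, "ns2": GOOD, "ns3": GOOD},
    # All servers agree here, so only the baseline comparison notices.
    "secondaries mirrored the altered zone": {"ns1": BAD, "ns2": BAD, "ns3": BAD},
}

def run_all():
    return {name: audit(GOOD, obs) for name, obs in SCENARIOS.items()}

if __name__ == "__main__":
    for name, result in run_all().items():
        print(f"{name}: {result}")
```

The last scenario shows why comparing nameservers against each other is not enough on its own: once the secondaries have copied the altered zone, they all agree, and only the independent baseline flags the problem.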
Originally posted by Jm4n
As mentioned above it probably was a Bind exploit. I will never understand why so many people still use Bind (and Sendmail and Windows...) There are much better alternatives, yet so many people just use whatever was already installed, or whatever the rest of the world uses.
It's funny that you mention Bind, Sendmail and Windows in one sentence. Especially because the first two are actually more or less Unix specific applications. Windows itself is not that unsecure, it's the applications which have the bugs, but this is not the fault of the operating system.
Alexander