Full Disclosure mailing list archives

Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion)

From: Paul Schmehl <pschmehl_lists () tx rr com>
Date: Tue, 15 Jul 2008 21:32:40 -0500

--On July 15, 2008 10:22:56 PM -0400 Valdis.Kletnieks () vt edu wrote:

On Tue, 15 Jul 2008 20:46:57 CDT, Paul Schmehl said:

Perhaps that's because a cert problem on a web server breaks a single
webserver.  A cert problem with dns breaks an entire domain.


On the flip side, if you busticate DNS for the entire domain, you're
likely to *notice* it and *fix* it a lot faster.  "Dead in the water"
is, in some ways, actually preferrable to "damn, this may or may not
have been broken for the last 6 months - how many users just gave up and
never came back?"


Good point.

Paul Schmehl
If it isn't already obvious,
my opinions are my own and not
those of my employer.

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion), (continued)
- - - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 14)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 15)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 15)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) FRLinux (Jul 15)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 15)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 15)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 15)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 15)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 15)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Valdis . Kletnieks (Jul 15)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Paul Schmehl (Jul 15)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Robert Holgstad (Jul 15)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mark Andrews (Jul 15)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Nick FitzGerald (Jul 15)
- Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Ureleet (Jul 14)
  - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Rob (Jul 15)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Ureleet (Jul 15)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) n3td3v (Jul 15)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Mike Owen (Jul 15)
    - Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Ureleet (Jul 15)