Security Incidents mailing list archives

Re: Global DNS Cache poisoning?


From: "Jay D. Dyson" <jdyson () treachery net>
Date: Fri, 4 Mar 2005 14:07:37 -0800 (PST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 4 Mar 2005, Russell Guthrie wrote:

> SANS is reporting a potential DNS cache poisoning. Has anyone heard or seen anything to confirm this?

Nothing I can solidly confirm, but I have seen DNS systems around the 'net (spanning from XO to Sun Microsystems) become increasingly unresponsive or uncooperative over the past six weeks. One moment, domain names would resolve in milliseconds...and in the next moment, the DNS would act as if the domain I just looked up never existed. This wasn't just one DNS flaking out; it was several.

Three separate DNS systems (from different network providers) in my resolv.conf became so unreliable that I had to remove them so that my host services that do lookups didn't bog down. I eventually shuffled in a set of nameservers that didn't seem to be affected.

Maybe it's just a coincidence. Like I said, I have nothing solid; just circumstantial. Maybe it means nothing...but it's a damned ugly nothing if you ask me.

- -Jay

  (    (                                                        _______
  ))   ))   .-"There's always time for a good cup of coffee"-.   >====<--.
C|~~|C|~~| (>----- Jay D. Dyson -- jdyson () treachery net -----<) |    = |-'
 `--' `--'  `-I just started World War III.  You're welcome.-'  `------'

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (TreacherOS)
Comment: See http://www.treachery.net/~jdyson/ for current keys.

iD8DBQFCKNwsBYoRACwSF0cRAsMVAJ0d4nuApmZJX02WOkZ37gY9TLiI8wCfbPo5
+zRwbwesL3kuP98JEqAouu8=
=ypw1
-----END PGP SIGNATURE-----

