nanog mailing list archives
Re: how to protect name servers against cache corruption
From: woods () most weird com (Greg A. Woods)
Date: Thu, 31 Jul 1997 12:50:52 -0400 (EDT)
[ On Thu, July 31, 1997 at 09:15:03 (-0700), Michael Dillon wrote: ]
Subject: Re: how to protect name servers against cache corruption At 3:54 AM -0400 7/31/97, Alexander O. Yuriev wrote:a. not talk publicly about this lest the cracker community learn too muchSure. Now how do you propose to make sure that only good guys know about bad things? Mathematically it is impossible. It is a set theoryI don't propose to "make sure" that only good guys know, I just suggest that it is better to not spread the info publicly when you don't know who is listening in. Why make the bad guys job easier?
The bad guys already know. They're often the ones who discover the problems in the first place and even if they aren't you can be sure they'll find out once the "experts" do.. All that happens when people try and restrict information about incidents is that the number of people focusing on the solution is reduced, often drasically to below the critical mass necessary to solve the problem once and for all. The only minor gain that can be had from controlling this information is that egos are less bruised and the truely amateur crackers may not learn of various faults. This is really only useful for those barn-door sized problems where any joe could wander through and wreak havoc even without looking. Now from an operations point of view it may be best to not give away too many details before the experts get a look and definitely don't reveal the impact of a given attack on your organization unless you already have a good handle on it. However this group in particular should be making wide and frequent use of this list and others like it to notify each other (and the experts) of things they should be looking out for and precautions that should be taken. Please do reduce the exposure some of these old myths get though and debunk them as fully as possible. -- Greg A. Woods +1 416 443-1734 VE3TCP <gwoods () acm org> <robohack!woods> Planix, Inc. <woods () planix com>; Secrets of the Weird <woods () weird com>
Current thread:
- Re: how to protect name servers against cache corruption, (continued)
- Re: how to protect name servers against cache corruption tqbf (Aug 02)
- Re: how to protect name servers against cache corruption Michael Dillon (Aug 02)
- Re: how to protect name servers against cache corruption Randy Bush (Aug 02)
- Re: how to protect name servers against cache corruption Paul A Vixie (Aug 02)
- Re: how to protect name servers against cache corruption Robert T. Nelson (Aug 02)
- Re: how to protect name servers against cache corruption Gary E. Miller (Aug 02)
- Re: how to protect name servers against cache corruption Aleph One (Aug 02)
- Re: how to protect name servers against cache corruption Paul A Vixie (Aug 02)
- Re: how to protect name servers against cache corruption Aleph One (Aug 02)
- Re: how to protect name servers against cache corruption Michael Dillon (Aug 02)