nanog mailing list archives
Re: DNS cache poisoning attacks -- are they real?
From: Randy Bush <randy () psg com>
Date: Sun, 27 Mar 2005 09:02:06 -0800
On the other hand, there are a lot of reasons why a DNS operator may return different answers to their own users of their resolvers. Reverse proxy caching is very common. Just about all WiFi folks use cripple DNS as part of their log on. Or my favorite, quarantining infected computers to get the attention of their owners.
sean, solving a layer two problem (mac address) at layer four will bite you in the long run.
Thank $DEITY for large ISPs running open resolvers on fat pipes .. those do come in quite handy in a resolv.conf sometimes, when I run into this sort of behavior.
problem is many walled garden providers, e.g. t-mo, block 53. randy
Current thread:
- Re: DNS cache poisoning attacks -- are they real?, (continued)
- Re: DNS cache poisoning attacks -- are they real? Chris Brenton (Mar 29)
- Re: DNS cache poisoning attacks -- are they real? Sam Hayes Merritt, III (Mar 29)
- Message not available
- Re: DNS cache poisoning attacks -- are they real? Joe Maimon (Mar 29)
- Re: DNS cache poisoning attacks -- are they real? Florian Weimer (Mar 30)
- Re: DNS cache poisoning attacks -- are they real? Joe Maimon (Mar 30)
- Re: DNS cache poisoning attacks -- are they real? bmanning (Mar 27)
- Re: DNS cache poisoning attacks -- are they real? Joe Maimon (Mar 27)
- Re: DNS cache poisoning attacks -- are they real? Florian Weimer (Mar 27)
- Message not available
- Re: DNS cache poisoning attacks -- are they real? Florian Weimer (Mar 27)
- Message not available
- Re: DNS cache poisoning attacks -- are they real? Florian Weimer (Mar 29)
- Re: DNS cache poisoning attacks -- are they real? Randy Bush (Mar 27)
- Blocking port 53 Sean Donelan (Mar 27)
- Re: Blocking port 53 Randy Bush (Mar 27)
- Re: Blocking port 53 John Levine (Mar 27)
- how about the basics? [was: Re: Blocking port 53] Gadi Evron (Mar 28)
- Message not available
- Re: DNS cache poisoning attacks -- are they real? Suresh Ramasubramanian (Mar 27)
- Message not available
- Re: DNS cache poisoning attacks -- are they real? Suresh Ramasubramanian (Mar 28)