nanog mailing list archives

Re: DNS cache poisoning attacks -- are they real?

From: Florian Weimer <fw () deneb enyo de>
Date: Sun, 27 Mar 2005 23:46:43 +0200


* Joe Maimon:

Slightly OT to parent thread...on the subject of open dns resolvers.

Common best practices seem to suggest that doing so is a bad thing.


There was some malware which contained hard-coded IP addresses of a
few open DNS resolvers (probably in an attempt to escape from
DNS-based walled gardens).  If one of your DNS resolvers was among
them, I'm sure you'd closed it to the general public, too -- and made
sure that your others were closed as well, just in case.

Current thread:

Re: DNS cache poisoning attacks -- are they real?, (continued)
- - - Re: DNS cache poisoning attacks -- are they real? John Payne (Mar 30)
    - Re: DNS cache poisoning attacks -- are they real? Chris Brenton (Mar 28)
    - Re: DNS cache poisoning attacks -- are they real? Joe Maimon (Mar 29)
    - Re: DNS cache poisoning attacks -- are they real? Chris Brenton (Mar 29)
    - Re: DNS cache poisoning attacks -- are they real? Sam Hayes Merritt, III (Mar 29)
    - Message not available
    - Re: DNS cache poisoning attacks -- are they real? Joe Maimon (Mar 29)
    - Re: DNS cache poisoning attacks -- are they real? Florian Weimer (Mar 30)
    - Re: DNS cache poisoning attacks -- are they real? Joe Maimon (Mar 30)
    - Re: DNS cache poisoning attacks -- are they real? bmanning (Mar 27)
    - Re: DNS cache poisoning attacks -- are they real? Joe Maimon (Mar 27)
    - Re: DNS cache poisoning attacks -- are they real? Florian Weimer (Mar 27)
    - Message not available
    - Re: DNS cache poisoning attacks -- are they real? Florian Weimer (Mar 27)
    - Message not available
    - Re: DNS cache poisoning attacks -- are they real? Florian Weimer (Mar 29)
    - Re: DNS cache poisoning attacks -- are they real? Randy Bush (Mar 27)
    - Blocking port 53 Sean Donelan (Mar 27)
    - Re: Blocking port 53 Randy Bush (Mar 27)
    - Re: Blocking port 53 John Levine (Mar 27)
    - how about the basics? [was: Re: Blocking port 53] Gadi Evron (Mar 28)
    - Message not available
    - Re: DNS cache poisoning attacks -- are they real? Suresh Ramasubramanian (Mar 27)
    - Message not available
    - Re: DNS cache poisoning attacks -- are they real? Suresh Ramasubramanian (Mar 28)