nanog mailing list archives

Re: Multiple DNS implementations vulnerable to cache poisoning

From: Michael Sinatra <michael () rancid berkeley edu>
Date: Thu, 10 Jul 2008 11:12:56 -0700

On 07/10/08 11:03, Jay R. Ashworth wrote:

Another test, that apparently was publicized on some dnsops list:

dig +short porttest.dns-oarc.net TXT

The "some dnsops list" is the OARC public dns-operations list, and thisposting explains the tool and briefly describes the results:


http://lists.oarci.net/pipermail/dns-operations/2008-July/002932.html

There's a healthy discussion of this vuln and DNSSEC going on overthere, and that list is an appropriate forum for further discussion ofthis topic.


michael

Current thread:

Re: Multiple DNS implementations vulnerable to cache poisoning, (continued)
- - - Re: Multiple DNS implementations vulnerable to cache poisoning Randy Bush (Jul 09)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Eric Brunner-Williams (Jul 09)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Christopher Morrow (Jul 09)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Martin Hannigan (Jul 09)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Christopher Morrow (Jul 09)
    - Re: Multiple DNS implementations vulnerable to cache poisoning David Conrad (Jul 10)
    - RE: Multiple DNS implementations vulnerable to cache poisoning Martin Hannigan (Jul 10)
    - Message not available
    - Re: Multiple DNS implementations vulnerable to cache poisoning Christopher Morrow (Jul 10)
    - Re: Multiple DNS implementations vulnerable to cache poisoning David Conrad (Jul 10)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Jay R. Ashworth (Jul 10)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Michael Sinatra (Jul 10)
    - RE: Multiple DNS implementations vulnerable to cache poisoning Andrews Carl 455 (Jul 10)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Russ Mundy (Jul 10)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Joao Damas (Jul 10)
    - Message not available
    - Re: Multiple DNS implementations vulnerable to cache poisoning David Conrad (Jul 10)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Jay R. Ashworth (Jul 09)
  - Re: Multiple DNS implementations vulnerable to cache poisoning Fernando Gont (Jul 09)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Patrick W. Gilmore (Jul 09)
    - RE: Multiple DNS implementations vulnerable to cache poisoning Eric Davis (Jul 09)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Phil Regnauld (Jul 10)
- Re: Multiple DNS implementations vulnerable to cache poisoning Paul Ferguson (Jul 09)

(Thread continues...)