nanog mailing list archives

Re: Multiple DNS implementations vulnerable to cache poisoning

From: "Tuc at T-B-O-H.NET" <ml () t-b-o-h net>
Date: Fri, 11 Jul 2008 10:58:01 -0400 (EDT)

Reading through the JavaScript that drives <http://www.doxpara.com/>,
it appears to be pretty easy to write a non-AJAX client to query Dan's
service.  I threw one together in perl, named "noclicky", that allows you
to use Dan's service against any nameserver specified on the command line.
You can download a copy from <http://michael.toren.net/code/noclicky/>.

        It looks like Dan changed what it returns, and noclicky 1.00 gets
confused. You can fix this, atleast until MCT comes out with a new version,
by putting :

my $date = shift @data;

        before the line :

print "Requests seen for $domain:\n";


                        Tuc/TBOH

Current thread:

Re: Multiple DNS implementations vulnerable to cache poisoning, (continued)
- - - Re: Multiple DNS implementations vulnerable to cache poisoning Owen DeLong (Jul 08)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Christian Koch (Jul 08)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Jimmy Hess (Jul 08)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Jean-François Mezei (Jul 08)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Chris Adams (Jul 08)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Michael C. Toren (Jul 08)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Jean-François Mezei (Jul 09)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Jay R. Ashworth (Jul 09)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Simon Waters (Jul 09)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Jay R. Ashworth (Jul 09)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Tuc at T-B-O-H.NET (Jul 11)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Brian Keefer (Jul 25)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Joe Greco (Jul 09)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Lynda (Jul 08)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Jeffrey Ollie (Jul 08)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Jay R. Ashworth (Jul 08)
- Re: Multiple DNS implementations vulnerable to cache poisoning Steven M. Bellovin (Jul 09)
  - Re: Multiple DNS implementations vulnerable to cache poisoning Christopher Morrow (Jul 09)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Steven M. Bellovin (Jul 09)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Christopher Morrow (Jul 09)
    - Re: Multiple DNS implementations vulnerable to cache poisoning Steven M. Bellovin (Jul 09)

(Thread continues...)