nanog mailing list archives
Re: Exploit for DNS Cache Poisoning - RELEASED
From: Graeme Fowler <graeme () graemef net>
Date: Fri, 25 Jul 2008 23:32:32 +0100
On Fri, 2008-07-25 at 23:25 +0100, Graeme Fowler wrote:
I saw this earlier in the week, along with queries for a domain name which happens to have been registered by Dan Kaminsky, so I emailed him about it. The addresses in question at Georgia Tech appear to be in use as part of Doxpara's scan for unpatched systems, which he confirmed.
And for extra points, can anyone with access to the raw un-logwatched log entries tell us what's rather odd about the queries, given the current furore over... well, that'd give the answer ;-) Graeme
Current thread:
- Re: Exploit for DNS Cache Poisoning - RELEASED, (continued)
- Re: Exploit for DNS Cache Poisoning - RELEASED Paul Vixie (Jul 24)
- Re: Exploit for DNS Cache Poisoning - RELEASED Eric Brunner-Williams (Jul 24)
- RE: Exploit for DNS Cache Poisoning - RELEASED Tomas L. Byrnes (Jul 24)
- Re: Exploit for DNS Cache Poisoning - RELEASED David Conrad (Jul 24)
- Re: Exploit for DNS Cache Poisoning - RELEASED Valdis . Kletnieks (Jul 24)
- Re: Exploit for DNS Cache Poisoning - RELEASED David Conrad (Jul 25)
- Re: Exploit for DNS Cache Poisoning - RELEASED Alexander Harrowell (Jul 25)
- Re: Exploit for DNS Cache Poisoning - RELEASED Paul Vixie (Jul 25)
- Re: Exploit for DNS Cache Poisoning - RELEASED Pete Carah (Jul 25)
- Re: Exploit for DNS Cache Poisoning - RELEASED Graeme Fowler (Jul 25)
- Re: Exploit for DNS Cache Poisoning - RELEASED Graeme Fowler (Jul 25)
- Re: Exploit for DNS Cache Poisoning - RELEASED Florian Weimer (Jul 26)
- RE: Exploit for DNS Cache Poisoning - RELEASED Tomas L. Byrnes (Jul 25)
- Re: Exploit for DNS Cache Poisoning - RELEASED Paul Vixie (Jul 24)