nanog mailing list archives
DNS hardening, was Re: Dan Kaminsky
From: John Levine <johnl () iecc com>
Date: 5 Aug 2009 16:48:23 -0000
Other than DNSSEC, I'm aware of these relatively simple hacks to add entropy to DNS queries. 1) Random query ID 2) Random source port 3) Random case in queries, e.g. GooGLe.CoM 4) Ask twice (with different values for the first three hacks) and compare the answers I presume everyone is doing the first two. Any experience with the other two to report? R's, John
Current thread:
- Re: Dan Kaminsky, (continued)
- Re: Dan Kaminsky Ben Scott (Aug 05)
- Re: Dan Kaminsky Jorge Amodio (Aug 05)
- Re: Dan Kaminsky Randy Bush (Aug 07)
- RE: Dan Kaminsky Buhrmaster, Gary (Aug 07)
- Re: Dan Kaminsky Jorge Amodio (Aug 07)
- QR-Codes... was: Re: Dan Kaminsky Dragos Ruiu (Aug 07)
- Re: Dan Kaminsky Jorge Amodio (Aug 07)
- Re: Dan Kaminsky Nick Hilliard (Aug 05)
- Re: Dan Kaminsky bert hubert (Aug 04)
- Re: DNS hardening, was Re: Dan Kaminsky bert hubert (Aug 05)
- Re: DNS hardening, was Re: Dan Kaminsky Phil Regnauld (Aug 05)
- Re: DNS hardening, was Re: Dan Kaminsky John R. Levine (Aug 05)
- Re: DNS hardening, was Re: Dan Kaminsky Steven M. Bellovin (Aug 05)
- Re: dnscurve and DNS hardening, was Re: Dan Kaminsky John R. Levine (Aug 05)
- Re: dnscurve and DNS hardening, was Re: Dan Kaminsky Mark Andrews (Aug 05)
- Re: dnscurve and DNS hardening, was Re: Dan Kaminsky Naveen Nathan (Aug 05)
- RE: dnscurve and DNS hardening, was Re: Dan Kaminsky Skywing (Aug 05)
- Re: dnscurve and DNS hardening, was Re: Dan Kaminsky Ben Scott (Aug 05)
- Re: dnscurve and DNS hardening, was Re: Dan Kaminsky Naveen Nathan (Aug 05)