nanog mailing list archives

Re: No DNS poisoning at Google (in case of trouble, blame the DNS)

From: Ken A <ka () pacific net>
Date: Thu, 28 Jun 2012 10:21:26 -0500



On 6/28/2012 6:05 AM, Tei wrote:

If you use these project that already do 99% of what the customer
need, plus a 120% the customer not need (and perhaps don't want). The
code quality will be normally be good, with **horrible** exceptions.
But sooner or later, (weeks) there will be exploits for this codebase,
to hack the site in horrible ways.  If the customer don't pay
maintenance and dont do the maintenance himself  the code will turn
comically outdated. Hacking the site will be easy for childrens age 5
and high. Maintenance suck.  This option suck.

All options suck.

That's why there are things like mod_security and other applicationlevel firewalls. After exploits have CVE numbers, so do the fixes to thefirewalls. And, due to the cost of custom software, and ease of use ofpush button install Wordpress, this isn't likely to change soon.It would be nice if WP/Joomla/etc force auto-updated by default, atleast for sec fixes..

Ken
Pacific.Net

Current thread:

Re: No DNS poisoning at Google (in case of trouble, blame the DNS), (continued)
- - - Re: No DNS poisoning at Google (in case of trouble, blame the DNS) Arturo Servin (Jun 27)
    - Re: No DNS poisoning at Google (in case of trouble, blame the DNS) Jason Hellenthal (Jun 27)
    - Re: No DNS poisoning at Google (in case of trouble, blame the DNS) Ryan Rawdon (Jun 27)
    - Re: No DNS poisoning at Google (in case of trouble, blame the DNS) Ryan Rawdon (Jun 27)
    - RE: No DNS poisoning at Google (in case of trouble, blame the DNS) Matthew Black (Jun 27)
    - RE: No DNS poisoning at Google (in case of trouble, blame the DNS) Matthew Black (Jun 27)
    - Re: No DNS poisoning at Google (in case of trouble, blame the DNS) AP NANOG (Jun 27)
  - Re: No DNS poisoning at Google (in case of trouble, blame the DNS) Tei (Jun 28)
    - Re: No DNS poisoning at Google (in case of trouble, blame the DNS) Arturo Servin (Jun 28)
    - Re: No DNS poisoning at Google (in case of trouble, blame the DNS) Tei (Jun 28)
    - Re: No DNS poisoning at Google (in case of trouble, blame the DNS) Ken A (Jun 28)
- RE: DNS poisoning at Google? David Hubbard (Jun 26)
  - RE: DNS poisoning at Google? Matthew Black (Jun 26)
    - Re: DNS poisoning at Google? Sadiq Saif (Jun 26)
    - Re: DNS poisoning at Google? Ishmael Rufus (Jun 26)
    - RE: DNS poisoning at Google? Matthew Black (Jun 26)
    - Re: DNS poisoning at Google? Michael J Wise (Jun 26)
    - RE: DNS poisoning at Google? Matthew Black (Jun 26)
    - Re: DNS poisoning at Google? Jeremy Hanmer (Jun 26)
    - RE: DNS poisoning at Google? Matthew Black (Jun 26)
    - Re: DNS poisoning at Google? David Miller (Jun 26)

(Thread continues...)