nanog mailing list archives
Re: new DNS forwarder vulnerability
From: Wayne E Bouchard <web () typo org>
Date: Fri, 14 Mar 2014 15:06:16 -0700
Have we ascertained if there is a typical configuration adjustment that can be made to reduce or eliminate the likelihood of impact? (From the description it sounds as though this is not possible but it doesn't hurt to ask.) On Fri, Mar 14, 2014 at 09:05:00AM -0700, Merike Kaeo wrote:
On Mar 14, 2014, at 7:06 AM, Stephane Bortzmeyer <bortzmeyer () nic fr> wrote:On Fri, Mar 14, 2014 at 01:59:27PM +0000, Nick Hilliard <nick () foobar org> wrote a message of 10 lines which said:did you characterise what dns servers / embedded kit were vulnerable?He said "We have not been able to nail this vulnerability down to a single box or manufacturer" so it seems the answer is No.It is my understanding that many CPEs work off of same reference implementation(s). I haven't had any cycles for this but with all the CPE issues out there it would be interesting to have a matrix of which CPEs utilize which reference implementation. That may start giving some clues. Has someone / is someone doing this? - merike
--- Wayne Bouchard web () typo org Network Dude http://www.typo.org/~web/
Current thread:
- new DNS forwarder vulnerability Mark Allman (Mar 14)
- Re: new DNS forwarder vulnerability Nick Hilliard (Mar 14)
- Re: new DNS forwarder vulnerability Stephane Bortzmeyer (Mar 14)
- Re: new DNS forwarder vulnerability Merike Kaeo (Mar 14)
- Re: new DNS forwarder vulnerability Nick Hilliard (Mar 14)
- Re: new DNS forwarder vulnerability Livingood, Jason (Mar 14)
- Re: new DNS forwarder vulnerability Gary Baribault (Mar 15)
- Re: new DNS forwarder vulnerability Joe Greco (Mar 15)
- Re: new DNS forwarder vulnerability Laszlo Hanyecz (Mar 15)
- Re: new DNS forwarder vulnerability Paul Ferguson (Mar 15)
- Re: new DNS forwarder vulnerability Stephane Bortzmeyer (Mar 14)
- Re: new DNS forwarder vulnerability Wayne E Bouchard (Mar 14)
- Re: new DNS forwarder vulnerability Jimmy Hess (Mar 15)
- Re: new DNS forwarder vulnerability Nick Hilliard (Mar 14)