Vulnerability Development mailing list archives
Re: DNS exploit
From: Ryan Permeh <Ryan () EEYE COM>
Date: Thu, 24 Aug 2000 10:03:43 -0700
forgive me if i'm mistaken, but this should simply return 127.0.0.1 on a request for both www.domain.com. and domain.com. this should be totally legit, and should cause no problems. again, as someone else asked, where is the DoS in this? and what type of nameservers DO this affect badly? Signed, Ryan eEye Digital Security Team http://www.eEye.com ----- Original Message ----- From: "Geo." <georger () NLS NET> To: <VULN-DEV () SECURITYFOCUS COM> Sent: Thursday, August 24, 2000 5:56 AM Subject: Re: DNS exploit
The record should look like this for all you who want to test your dns. @ CNAME www www A 127.0.0.1 Geo.The "BIND" name server won't be seriously affected by this. First, if you attempt to have a hostname that has both an "A" record and a CNAME, the domain will be rejected outright. You'll see errors like this:> MSG
Current thread:
- DNS exploit George (Aug 22)
- Re: DNS exploit Chris A. Mattingly (Aug 23)
- Re: DNS exploit Gordon Messmer (Aug 23)
- Re: DNS exploit Geo. (Aug 24)
- Re: DNS exploit Ryan Permeh (Aug 24)
- Re: DNS exploit Chris A. Mattingly (Aug 24)
- Re: DNS exploit Geo. (Aug 24)