Educause Security Discussion mailing list archives

Re: DNSSEC Deployment

From: John Kristoff <jtk () CYMRU COM>
Date: Mon, 17 May 2010 16:24:11 -0500

On Mon, 17 May 2010 17:06:00 -0400
Jason Frisvold <frisvolj () LAFAYETTE EDU> wrote:

-- ATT Austin Texas
   http://www.pcworld.com/businesscenter/article/149126/dns_attack_wri
   ter_a_victim_of_his_own_creation.html (URL split due to length)

-- Brasilian Banks
   http://www.theregister.co.uk/2009/04/22/bandesco_cache_poisoning_attack/

-- China Netcom
   http://securitylabs.websense.com/content/Alerts/3163.aspx


While all three of these appear to have occurred *after* the Kaminsky
vulnerability was released, there doesn't seem to be any indication as
to whether these systems were patched.


Nor any conclusive evidence that any of these were as a result of the
Kaminsky style attack.   In fact, I recall the South American one for
sure was not.

Someone is sure to launch one now just to shut me up.  Please don't
forget to pass '-s0' to tcpdump before you send me that pcap.  :-)

John

Current thread:

Re: DNSSEC Deployment, (continued)
- Re: DNSSEC Deployment Jason Frisvold (May 17)
- Re: DNSSEC Deployment John Ladwig (May 17)
- Re: DNSSEC Deployment Joe St Sauver (May 17)
- Re: DNSSEC Deployment Michael Sinatra (May 17)
- Re: DNSSEC Deployment Joe St Sauver (May 17)
- Re: DNSSEC Deployment Michael Sinatra (May 17)
- Re: DNSSEC Deployment John Kristoff (May 17)
- Re: DNSSEC Deployment Jason Frisvold (May 17)
- Re: DNSSEC Deployment Jason Frisvold (May 17)
- Re: DNSSEC Deployment Bruce Curtis (May 17)
- Re: DNSSEC Deployment John Kristoff (May 17)
- Re: DNSSEC Deployment Michael Sinatra (May 17)
- Re: DNSSEC Deployment John Ladwig (May 17)
- Re: DNSSEC Deployment Michael Sinatra (May 17)