nanog mailing list archives

Re: how to protect name servers against cache corruption

From: Paul A Vixie <vixie () vix com>
Date: Tue, 29 Jul 1997 19:30:04 -0700

To reiterate: BIND 8.1.1 is not immune to all the variants of the attack
used by the Alternic,


False.  The attacks which remain are not variants of the bug exploited by
AlterNIC, which was a program bug rather than a protocol misfeature.

                    and there are very real security problems that remain
(and will continue to remain) until the implementation of DNSSEC
(according to Mr. Vixie).


True.

As this thread is now rapidly losing it's operations context (as well as
it's informative value), I'd suggest we now move towards killing it.


As soon as messages containing misstatements like the one above stop 
appearing, I for one will be happy to return to lurk status.

Current thread:

Re: how to protect name servers against cache corruption, (continued)
- Re: how to protect name servers against cache corruption Karl Denninger (Jul 22)
- Re: how to protect name servers against cache corruption tqbf (Jul 29)
  - Re: how to protect name servers against cache corruption Paul A Vixie (Jul 29)
    - Re: how to protect name servers against cache corruption Thomas H. Ptacek (Jul 29)
    - Re: how to protect name servers against cache corruption Paul A Vixie (Jul 29)
    - Re: how to protect name servers against cache corruption Thomas H. Ptacek (Jul 29)
    - Re: how to protect name servers against cache corruption Paul A Vixie (Jul 29)
    - Re: how to protect name servers against cache corruption Ben Black (Jul 29)
    - Re: how to protect name servers against cache corruption Perry E. Metzger (Jul 29)
    - Re: how to protect name servers against cache corruption Thomas H. Ptacek (Jul 29)
    - Re: how to protect name servers against cache corruption Paul A Vixie (Jul 29)
    - Re: how to protect name servers against cache corruption Perry E. Metzger (Jul 29)
    - Re: how to protect name servers against cache corruption Thomas H. Ptacek (Jul 29)
    - Re: how to protect name servers against cache corruption Perry E. Metzger (Jul 29)
    - Re: how to protect name servers against cache corruption Thomas H. Ptacek (Jul 29)
    - Re: how to protect name servers against cache corruption Christopher Masto (Jul 29)
    - Re: how to protect name servers against cache corruption tqbf (Jul 29)
    - Re: how to protect name servers against cache corruption Jay R. Ashworth (Jul 30)
    - Re: how to protect name servers against cache corruption Perry E. Metzger (Jul 30)
    - Re: how to protect name servers against cache corruption tqbf (Jul 30)
    - Re: how to protect name servers against cache corruption Deepak Jain (Jul 30)

(Thread continues...)