nanog mailing list archives
Re: EMAIL != FTP
From: Valdis.Kletnieks () vt edu
Date: Sat, 26 May 2001 19:43:17 -0400
On Sat, 26 May 2001 19:23:16 EDT, Mitch Halmu said:
Did I happen to mention MAPS in my post? I didn't. The argument was made for ORBS, or any FOREIGN entity that blocks North American networks. ORBS fans in this country will have lots of explaining to do and hell to pay if any foreign entity exploits this weakness to attack US interests in an international incident.
For those who read Computerworld, a co-worker of mine was quoted on page 1 of the May 21 issue, saying "You can expect to see major liability lawsuits in the next 18 months or so". Better install those IIS patches *NOW* - I'm more concerned about a lawyer attack than an international terrorist attack.... OK.. so a hostile site *could* use DNS cache poisoning or hack the ORBS DNS servers to screw up your e-mail. On the other hand, you have the *EXACT* same vulnerability for *ANY* use of DNS. So unless you're using /etc/hosts exclusively, you have *bigger* problems if faced by a determined adversary. Frankly, if *I* were a determined adversary, the site's use of ORBS would be the least of their problems. I don't know.. maybe the foreign terrorists are like the Three Stooges - they DID catch the guys who bombed the World Trade Center when one of them tried to get back the deposit on the now-destroyed truck..... For bonus points - if anybody is both paranoid and anal-retentive enough to care about this sort of thing, I presume you *HAVE* edited your DNS cache hints to only include root name servers that are located on US soil, and reachable entirely by communications links that do not take a loop through non-US territories. THere *will* be hell to pay if foreign terrorists take over a root name server that's outside the US, after all.... -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
Attachment:
_bin
Description:
Current thread:
- RE: EMAIL != FTP, (continued)
- RE: EMAIL != FTP Roeland Meyer (May 25)
- Re: EMAIL != FTP Richard A. Steenbergen (May 25)
- RE: EMAIL != FTP Roeland Meyer (May 26)
- RE: EMAIL != FTP Stephen J. Wilcox (May 26)
- Re: EMAIL != FTP Wojtek Zlobicki (May 26)
- RE: EMAIL != FTP Roeland Meyer (May 26)
- Re: EMAIL != FTP Adam Rothschild (May 26)
- Re: EMAIL != FTP Mitch Halmu (May 26)
- Re: EMAIL != FTP John Fraizer (May 26)
- Re: EMAIL != FTP Mitch Halmu (May 26)
- Re: EMAIL != FTP Valdis . Kletnieks (May 26)
- Re: EMAIL != FTP Mitch Halmu (May 27)
- Re: EMAIL != FTP Jim Mercer (May 27)
- Re: EMAIL != FTP Steve Sobol (May 28)
- Re: EMAIL != FTP Adam Rothschild (May 26)
- Re: EMAIL != FTP Scott Francis (May 27)
- Re: EMAIL != FTP Jim Mercer (May 26)
- Re: EMAIL != FTP Sabri Berisha (May 28)
- Re: EMAIL != FTP Stephen J. Wilcox (May 26)