nanog mailing list archives
Re: AOL breaking dns spoof protection
From: Paul Vixie <vixie () vix com>
Date: 07 Aug 2003 21:24:43 +0000
pete () he iki fi ("Petri Helenius") writes:
I´m constantly seeing responses to queries for AOL servers which come in from different IP addresses than the query was sent to.
due to the weakness of the 16-bit query id field, bind will throw that stuff away. the source address and port has to match the destination of the query, and the question section has to be copied in its entirety. i don't know who aol is going to be able to send responses to who won't apply those same restrictions.
Current thread:
- [connie.davis () mail internetseer com: answerpointe.cctec.com] Leo Bicknell (Aug 07)
- Re: [connie.davis () mail internetseer com: answerpointe.cctec.com] Will Yardley (Aug 07)
- AOL breaking dns spoof protection Geo. (Aug 07)
- Re: AOL breaking dns spoof protection Petri Helenius (Aug 07)
- Re: AOL breaking dns spoof protection Paul Vixie (Aug 07)
- Re: AOL breaking dns spoof protection Petri Helenius (Aug 07)
- AOL breaking dns spoof protection Geo. (Aug 07)
- Re: AOL breaking dns spoof protection Booth, Michael (ENG) (Aug 07)
- Re: AOL breaking dns spoof protection Phil Rosenthal (Aug 07)
- Re: AOL breaking dns spoof protection Geo. (Aug 07)
- Re: [connie.davis () mail internetseer com: answerpointe.cctec.com] Will Yardley (Aug 07)
- RE: [connie.davis () mail internetseer com: answerpointe.cctec.com] Jay Hennigan (Aug 09)
- RE: [connie.davis () mail internetseer com: answerpointe.cctec.com] Charles Sprickman (Aug 10)
- Re: [connie.davis () mail internetseer com: answerpointe.cctec.com] Etaoin Shrdlu (Aug 10)
- Re: [connie.davis () mail internetseer com: answerpointe.cctec.com] Randy Bush (Aug 10)