nanog mailing list archives
Re: Jonathan Yarden @ TechRepublic: Disable DNS caching on workstations
From: Daniel Golding <dgolding () burtongroup com>
Date: Mon, 18 Apr 2005 14:57:06 -0400
Aside from individual OS behavior, doesn't this seem like very bad advice?

What sort of DNS cache poisoning attack could possibly work against a workstation that has a caching resolver but no DNS server? If a hacker really wished to do a name resolution attack against workstations, wouldn't they just write some spyware that injected a hosts file? Seems easier.

At any rate, wouldn't disabling caching/not paying attention to TTLs have a truly adverse impact on the DNS infrastructure? What is the % difference in incremental DNS server load between a host that obeys TTLs and one that does not, but makes a new query each time? A single host wouldn't have much impact - how about a couple million?

Is there something I'm missing here that's motivating Yarden's advice?

- Dan

</head scratching>

On 4/18/05 1:35 PM, "Chris Adams" <cmadams () hiwaay net> wrote:
> Once upon a time, Patrick W. Gilmore <patrick () ianai net> said:
> > Depends on what you call "caching". Does honoring a TTL qualify as caching?
>
> What other kind of DNS caching is there?
>
> > Can you imagine what would happen if every time anyone ever looked up any hostname they sent out a DNS query?
>
> That's what most Unix/Linux/*BSD boxes do unless they are running a local caching name service of some type (BIND, nscd, etc.). I wasn't actually aware that Windows had a DNS cache service.
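
The load question raised in the message above can be put in numbers with a small model. This is an added example, not part of the original post: the lookup pattern, host names and TTL values are constructed assumptions, and only the "couple million" host count comes from the message.

```python
from collections import Counter

def upstream_queries(lookups, ttls, honor_ttl):
    """Count queries that leave the host for a list of (time_s, name) lookups.

    honor_ttl=True models a workstation cache that obeys TTLs;
    honor_ttl=False models caching disabled (every lookup goes upstream).
    """
    expires = {}       # name -> time at which the cached answer expires
    sent = Counter()   # name -> queries sent to the upstream resolver
    for t, name in sorted(lookups):
        if honor_ttl and expires.get(name, -1) > t:
            continue   # answered locally, nothing sent
        sent[name] += 1
        expires[name] = t + ttls[name]
    return sum(sent.values())

def constructed_workload():
    """One hour of lookups on a single workstation (constructed sample)."""
    lookups = [(t, "mail.example.com") for t in range(0, 3600, 60)]
    lookups += [(t, "www.example.com") for t in range(0, 3600, 30)]
    lookups += [(t, "intranet.example.com") for t in range(0, 3600, 600)]
    ttls = {  # assumed TTLs in seconds
        "mail.example.com": 3600,
        "www.example.com": 300,
        "intranet.example.com": 86400,
    }
    return lookups, ttls

def compare(hosts):
    """Hourly upstream query totals for `hosts` identical workstations."""
    lookups, ttls = constructed_workload()
    cached = upstream_queries(lookups, ttls, honor_ttl=True)
    uncached = upstream_queries(lookups, ttls, honor_ttl=False)
    return {
        "cached_total": cached * hosts,
        "uncached_total": uncached * hosts,
        "increase_factor": round(uncached / cached, 2),
    }

if __name__ == "__main__":
    for hosts in (1, 2_000_000):
        print(hosts, compare(hosts))
```

The factor depends entirely on how often a host repeats a lookup within a record's TTL, so real traffic will differ from this constructed pattern.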