nanog mailing list archives

Re: DNS cache poisoning attacks -- are they real?

From: John Payne <john () sackheads org>
Date: Wed, 30 Mar 2005 23:47:40 -0500



On Mar 29, 2005, at 5:37 AM, Simon Waters wrote:

The answers from a recursive servers won't be marked authoritative (AAbit notset), and so correct behaviour is to discard (BIND will log a lameserver
message as well by default) these records.


As others have pointed out, BZZZZT

If your recursive resolver doesn't discard these records, suggest youget one
that works ;)

Yeah, problem is, it ain't my recursive resolver that's the problem...I don't actually follow links in spam (shock, horror), just pointingout the problem.

Current thread:

Re: DNS cache poisoning attacks -- are they real?, (continued)
- - - Re: DNS cache poisoning attacks -- are they real? Randy Bush (Mar 27)
    - Re: DNS cache poisoning attacks -- are they real? Christopher L. Morrow (Mar 27)
    - Re: DNS cache poisoning attacks -- are they real? John Payne (Mar 28)
    - Re: DNS cache poisoning attacks -- are they real? Randy Bush (Mar 28)
    - Re: DNS cache poisoning attacks -- are they real? John Payne (Mar 28)
    - Re: DNS cache poisoning attacks -- are they real? Simon Waters (Mar 29)
    - Re: DNS cache poisoning attacks -- are they real? Florian Weimer (Mar 29)
    - Message not available
    - Re: DNS cache poisoning attacks -- are they real? Florian Weimer (Mar 30)
    - Re: DNS cache poisoning attacks -- are they real? Chris Brenton (Mar 29)
    - Re: DNS cache poisoning attacks -- are they real? Florian Weimer (Mar 29)
    - Re: DNS cache poisoning attacks -- are they real? John Payne (Mar 30)
    - Re: DNS cache poisoning attacks -- are they real? Chris Brenton (Mar 28)
    - Re: DNS cache poisoning attacks -- are they real? Joe Maimon (Mar 29)
    - Re: DNS cache poisoning attacks -- are they real? Chris Brenton (Mar 29)
    - Re: DNS cache poisoning attacks -- are they real? Sam Hayes Merritt, III (Mar 29)
    - Message not available
    - Re: DNS cache poisoning attacks -- are they real? Joe Maimon (Mar 29)
    - Re: DNS cache poisoning attacks -- are they real? Florian Weimer (Mar 30)
    - Re: DNS cache poisoning attacks -- are they real? Joe Maimon (Mar 30)
    - Re: DNS cache poisoning attacks -- are they real? bmanning (Mar 27)
    - Re: DNS cache poisoning attacks -- are they real? Joe Maimon (Mar 27)
    - Re: DNS cache poisoning attacks -- are they real? Florian Weimer (Mar 27)

(Thread continues...)