nanog mailing list archives
Re: SANS: DNS Bug Now Public?
From: "Jorge Amodio" <jmamodio () gmail com>
Date: Wed, 23 Jul 2008 11:16:26 -0500
Let me add that folks need to understand that the "patch" is not a fix to a problem that has been there for long time and it is just a workaround to reduce the chances for a potential attack, and it must be combined with best practices and recommendations to implent a more robust DNS setup. There are plenty of documents out there (check cert.org for example) that can provide some guidance. Perhaps this situation will help move things on the DNSSEC front, as far as I remember there are some IETF drafts on the standards track addressing these issues. Cheers Jorge On Wed, Jul 23, 2008 at 2:31 AM, Steven M. Bellovin <smb () cs columbia edu> wrote:
On Tue, 22 Jul 2008 08:00:51 -0500 "Jorge Amodio" <jmamodio () gmail com> wrote:It has been public for a while now. Even on the print media, there are some articles about it on the latest Computerworld mag without giving too much detail about how to exploit it. ie PATCH NOW !!!Kaminsky's blog says "Patch. Today. Now. Yes, stay late." --Steve Bellovin, http://www.cs.columbia.edu/~smb
Current thread:
- SANS: DNS Bug Now Public? Jon Kibler (Jul 22)
- Re: SANS: DNS Bug Now Public? Christian Koch (Jul 22)
- Re: SANS: DNS Bug Now Public? Jorge Amodio (Jul 22)
- Re: SANS: DNS Bug Now Public? Steven M. Bellovin (Jul 23)
- Re: SANS: DNS Bug Now Public? Jorge Amodio (Jul 23)
- Re: SANS: DNS Bug Now Public? Joe Abley (Jul 23)
- Re: SANS: DNS Bug Now Public? Darren Bolding (Jul 23)
- Re: SANS: DNS Bug Now Public? Jasper Bryant-Greene (Jul 23)
- Re: SANS: DNS Bug Now Public? Phil Regnauld (Jul 24)
- Re: SANS: DNS Bug Now Public? Paul Vixie (Jul 24)
- Re: SANS: DNS Bug Now Public? Steven M. Bellovin (Jul 23)