North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: how to protect name servers against cache corruption
"Thomas H. Ptacek" writes: > > Paul has made it clear that there are holes in the DNS protocols that > > cannot be fixed without DNSSEC. He isn't papering anything over -- he > > Thank you for clearing this up. For the record, my only intention is to > clarify the facts surrounding the DNS security issues that have been > popularized by the recent Alternic attacks. I think I have done this. To > reiterate: BIND 8.1.1 is not immune to all the variants of the attack used > by the Alternic, No, it *is* immune to all variants on *THAT* attack. It isn't immune to other sorts of attacks. Perry
|