Re: DNS cache poisoning attacks -- are they real?

• From: Suresh Ramasubramanian
• Date: Sun Mar 27 23:50:40 2005

• Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=sk9q9rQ8rxIBDDYlq5EgaKUaKKhD1gMviMWHI54Izqec/a5gLI0SJn5SrsYkgc06yYVr6hVErO54CxR+uq0OhU2Hnsnadl0TDvTziiAIAVxksVgqSTUykHuBuPlk7kCkDfvwIjk3vtAYHiP3D1jGuVnkZTmLpJ4+QKfi1ZdRjPc=

On Sun, 27 Mar 2005 18:22:15 +0100, Brad Knowles
<[email protected]> wrote:
> 
>         Abusing someone else's poorly configured resolvers is not the way
> to solve this problem, and it's a bad habit to get into.
> 

Er, I forgot to mention that it was my ISP whose resolver I used, and
I have a perfect right to use their resolver when necessary.  I try
not to, when I am traveling, given the latency.  But it is not like,
for example, using an open relay, or even using John Gilmore's open by
design relay at toad.com.

I dont know how, but dns requests to those resolvers worked, whereas
my local resolver got proxied through their dns .. if it was a
transparent proxy that'd not be the case.
 
-srs

• References:
  • DNS cache poisoning attacks -- are they real? Florian Weimer
  • Re: DNS cache poisoning attacks -- are they real? Sean Donelan
  • Re: DNS cache poisoning attacks -- are they real? Suresh Ramasubramanian

• Prev by Date: Re: Blocking port 53
• Next by Date: Program survey results
• Date Index
• Thread Index
• Author Index
• Historical