|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: how to protect name servers against cache corruption
On Wed, Jul 30, 1997 at 11:09:24AM -0700, Paul A Vixie wrote: > > 3) If it was that easy to do, why hasn't it happened again? > > because that particular attack only works if you are willing to get caught. Nicely put. Although accidents do happen, like the genieweb.com answering for ".com" debacle a couple weeks back. > > 4) How can I check for cache corruption? > > "dig @0 www.netsol.com a" and "dig @cache00.ns.uu.net www.netsol.com a" and > check for differences. Paul: I assume dig @0 is an idiom for localhost? (Apologies for being less than familiar with dig, it's not on this machine, and I'm not the admin.) > > Apologies if any of the above sound moronic or ill-informed; extracting > > facts from reams of "what is a backhoe" mail list is a painfully slow task. > > Time for some filters I think... > > no apologia needed. public explainations of this attack have been poor, even > and especially by me. i'm grateful for the opportunity to improve on that. I hadn't thought that the explanations were all _that_ weak... and I'm on 7 lists, and the backhoe traffic didn't bother _me_ that much. Perhaps time for a new mail program, or a faster link? Cheers, -- jr '30 newsgroups, too' a -- Jay R. Ashworth [email protected] Member of the Technical Staff Unsolicited Commercial Emailers Sued The Suncoast Freenet "People propose, science studies, technology Tampa Bay, Florida conforms." -- Dr. Don Norman +1 813 790 7592
|