North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: DNS cache poisoning attacks -- are they real?

  • From: Randy Bush
  • Date: Sun Mar 27 12:04:59 2005

>> On the other hand, there are a lot of reasons why a DNS operator may
>> return different answers to their own users of their resolvers.  Reverse
>> proxy caching is very common. Just about all WiFi folks use cripple
>> DNS as part of their log on. Or my favorite, quarantining infected
>> computers to get the attention of their owners.

sean, solving a layer two problem (mac address) at layer four will bite
you in the long run.

> Thank $DEITY for large ISPs running open resolvers on fat pipes ..
> those do come in quite handy in a resolv.conf sometimes, when I run
> into this sort of behavior.

problem is many walled garden providers, e.g. t-mo, block 53.

randy