North American Network Operators Group


Re: DNS cache poisoning attacks -- are they real?

  • From: John Payne
  • Date: Mon Mar 28 10:55:11 2005

On Mar 28, 2005, at 1:11 AM, Randy Bush wrote:

>> And to Randy's point about problems with open recursive nameservers...
>> abusers have been known to cache "hijack".  Register a domain,
>> configure an authority with very large TTLs, seed it onto known open
>> recursive nameservers, update domain record to point to the open
>> recursive servers rather than their own.  Wammo, "bullet proof" dns
>> hosting.
>
> as has been said here repeatedly, you should not be running servers,
> recursive or not, on old broken and vulnerable software.
Huh? I think you do not understand. Do not mistake "cache hijack" for "cache poison".

This is _nothing_ to do with what you're running on the recursive nameserver. It is doing _exactly_ what it is supposed to do. Get answers, store in cache, respond to queries from cache if TTL isn't expired.
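Added example, not code from the thread: a toy recursive-resolver cache that does exactly what John describes (store the answer, serve it from cache until the TTL runs out, regardless of what the authority does afterwards), plus the operator-side control that bounds the window, clamping cached TTLs as BIND's max-cache-ttl and Unbound's cache-max-ttl do. All names, TTLs and addresses are constructed.

```python
# Added example (not from the NANOG thread): a toy recursive-resolver cache that
# honors authority-supplied TTLs, showing why a seeded answer outlives a later
# change at the authority, and how an operator-side TTL cap (BIND max-cache-ttl,
# Unbound cache-max-ttl) bounds that window. All names, TTLs, addresses constructed.

class ResolverCache:
    """Minimal positive cache keyed by (owner name, RR type)."""

    def __init__(self, max_cache_ttl=None):
        # Operator policy: clamp every cached TTL to at most this many seconds.
        self.max_cache_ttl = max_cache_ttl
        self._entries = {}

    def store(self, name, rtype, rdata, ttl, now):
        """Cache an answer exactly as a resolver would, clamping the TTL."""
        if self.max_cache_ttl is not None:
            ttl = min(ttl, self.max_cache_ttl)
        self._entries[(name.lower(), rtype)] = (rdata, ttl, now + ttl)

    def lookup(self, name, rtype, now):
        """Serve from cache while unexpired; None means 'must re-query'."""
        key = (name.lower(), rtype)
        entry = self._entries.get(key)
        if entry is None:
            return None
        rdata, _ttl, expiry = entry
        if now >= expiry:
            del self._entries[key]
            return None
        return rdata

    def remaining(self, name, rtype, now):
        """Seconds the cached answer will still be served (0 if absent)."""
        entry = self._entries.get((name.lower(), rtype))
        return max(0, entry[2] - now) if entry else 0

    def long_lived(self, threshold):
        """Detection aid: cached names whose stored TTL exceeds threshold."""
        return sorted(n for (n, _t), (_r, ttl, _e) in self._entries.items()
                      if ttl > threshold)


def hijack_window(authority_ttl, max_cache_ttl=None):
    """Seconds a seeded record is still served after the authority is repointed
    (the cache, behaving correctly, keeps the copy until its TTL runs out)."""
    cache = ResolverCache(max_cache_ttl)
    cache.store("seeded.example", "A", "192.0.2.1", authority_ttl, now=0)
    assert cache.lookup("seeded.example", "A", now=1) == "192.0.2.1"
    return cache.remaining("seeded.example", "A", now=0)
```

With a one-week authority TTL and no cap the cached copy is served for the full week; a 24-hour cap cuts that to a day without any change to how the resolver otherwise behaves.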