Re: DNS cache poisoning attacks -- are they real?

North American Network Operators Group

Re: DNS cache poisoning attacks -- are they real?

From: John Payne
Date: Wed Mar 30 23:49:48 2005

On Mar 29, 2005, at 5:37 AM, Simon Waters wrote:

The answers from a recursive servers won't be marked authoritative (AA bit not
set), and so correct behaviour is to discard (BIND will log a lame server
message as well by default) these records.

As others have pointed out, BZZZZT

If your recursive resolver doesn't discard these records, suggest you get one
that works ;)

Yeah, problem is, it ain't my recursive resolver that's the problem... I don't actually follow links in spam (shock, horror), just pointing out the problem.

References:
- DNS cache poisoning attacks -- are they real? Florian Weimer
- Re: DNS cache poisoning attacks -- are they real? Randy Bush
- Re: DNS cache poisoning attacks -- are they real? John Payne
- Re: DNS cache poisoning attacks -- are they real? Simon Waters

Prev by Date: APRICOT 2006 withdrawn from Bangalore, India - moves to Perth
Next by Date: AOL's brains on the floor?
Date Index
Thread Index
Author Index
Historical