North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: DNS: Definitely Not Safe?
On Wed, Feb 14, 2007 at 04:22:44PM -0200, MARLON BORBA wrote: > > mea culpa, mea maxima culpa :-( > my intention, when suggested that reading, was to get your attention about that recent attack which targeted DNS top-level servers and to listen your opinions. > i promise not to post porn, ops, FUD material to nanog again. > > > > Abraços, > > Marlon Borba, CISSP, DataCenter Associate > Técnico Judiciário - Segurança da Informação > TRF 3ª Região > (11) 3012-1683 > -- > 1997-2007 - Dez Anos da DSUP. > Conhecimento Gerando Soluções. > -- what is interesting to me is the "ripple" effect - kind of like the childrens game of "telephone". second, third, and fourth hand interpretation of the events allows the reporter to project their own worst nightmares onto the event ... for some, its a way to raise the spector of fear, giving them credence or the opportunity to market their particular services to the huddled, fearful masses. and to borrow a line from another bit of this thread, http and dns are both applications. applications are vulnerable to attacks that exploit the underlaying protocols. the BEST we can do, w/o replacing IP & TCP/UDP is instrument the applications to alert us that there is a problem. And the actions you (as the target of packet love) take may make your local life manageable, (compartmentalization) can have devestating impact on your peers/neighbors. so don't worry, your posts seem fine to me --bill