Re: Multiple DNS implementations vulnerable to cache poisoning

• From: Russ Mundy
• Date: Thu Jul 10 17:39:18 2008

• List-archive: <http://mailman.nanog.org/pipermail/nanog>
• List-help: <mailto:[email protected]?subject=help>
• List-id: North American Network Operators Group <nanog.nanog.org>
• List-post: <mailto:[email protected]>
• List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=subscribe>
• List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=unsubscribe>

At 11:08 AM -0400 7/10/08, Christopher Morrow wrote:
>On Thu, Jul 10, 2008 at 10:22 AM, Wes Hardaker <[email protected]> wrote:
>>>>>>> On Wed, 9 Jul 2008 22:55:05 -0400, "Christopher Morrow"
>>>>>>><[email protected]> said:
>>
>>>>> aside from just getting some cctlds signed, i will be interested in the
>>>>> tools, usability, work flow, ...  i.e. what is it like for a poor
>>>>> innocent cctld which wants to sign their zone?
>>>>
>>>> If there is sufficient interest, we could do a bar bof to describe some of
>>>> the tools IANA has...
>>>>
>>
>> CM> I think Sandy Murphy or other Sparta folks have presented some of the
>> CM> work they've done on this... Perhaps finding one/some of them and
>> CM> having a more operations focused presentation in LAX or ... is a good
>> CM> idea as well?
>>
>> The tools that Sparta developed (and made freely available via an open
>> source packaged that is BSD licensed) can be found at
>> http://www.dnssec-tools.org/ .  In particular, signing a zone is
>
>yup, and that's helpful stuff.
>

Great, we're trying to provide tools that will help with the deployment and
operation of DNSSEC.  We also try to keep a listing of all the 'pieces'
that we know about that could be helpful to folks who want to deploy and
use DNSSEC in various ways whether they are operating a signed zone,
running a validating resolver or wanting DNSSEC-aware applications. The url
for the listing is:

http://www.dnssec-deployment.org/tracker

We provide the listing as community resource and try to keep it reasonably
current. But we are always on the lookout for additional information (&
corrections) to the list - if you have any, please let me know.

------------->snip<--------------
>>
>> All for free.  Don't you hate those ??biased??, freely-available,
>> source-code-supplied-so-you-can-change-it, BSD-licensed open source
>> packages?
>> --
>
>I like free... as long as it's the hammer I need for the nails I have.
>
>-Chris

We don't try to keep track of things in the listing by whether they or free
or not but I know a lot of them have typical open source type of licenses.

Russ

• Prev by Date: RE: Multiple DNS implementations vulnerable to cache poisoning
• Next by Date: Re: Multiple DNS implementations vulnerable to cache poisoning
• Date Index
• Thread Index
• Author Index
• Historical