Re: Exploit for DNS Cache Poisoning - RELEASED

• From: Florian Weimer
• Date: Sat Jul 26 15:42:16 2008

• List-archive: <http://mailman.nanog.org/pipermail/nanog>
• List-help: <mailto:[email protected]?subject=help>
• List-id: North American Network Operators Group <nanog.nanog.org>
• List-post: <mailto:[email protected]>
• List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=subscribe>
• List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=unsubscribe>

* Paul Vixie:

> in <http://permalink.gmane.org/gmane.linux.redhat.fedora.general/306278>
> we see this text:
>
> 	The DNS attacks are starting!!!
>
> 	Below is a snippet of a logwatch from last night.  Be sure all DNS
> 	servers are updated if at all possible.  The spooks are out in full
> 	on this security vulnerability in force.
>
> 	THIS IS YOUR LAST WARNING...!!!
> 	Patch or Upgrade NOW!
>
> 	...
>
> this ought to be an interesting weekend.

It's from a Georgia Tech address, so it's likely some sort of monitoring
effort by David Dagon.  I see it in my logs, too.

• References:
  • Re: Exploit for DNS Cache Poisoning - RELEASED Alexander Harrowell
  • Re: Exploit for DNS Cache Poisoning - RELEASED Paul Vixie

• Prev by Date: Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?
• Next by Date: Re: Software router state of the art
• Date Index
• Thread Index
• Author Index
• Historical