[105881] in North American Network Operators' Group
Re: Multiple DNS implementations vulnerable to cache poisoning
daemon@ATHENA.MIT.EDU (Lynda)
Tue Jul 8 21:28:34 2008
Date: Tue, 08 Jul 2008 18:26:01 -0700
From: Lynda <shrdlu@deaddrop.org>
To: Nanog <nanog@nanog.org>
In-Reply-To: <2165D146-C2EA-4716-B55C-71099D78C736@delong.com>
Errors-To: nanog-bounces@nanog.org
Owen DeLong wrote:
> The tool, unfortunately, only goes after the server it thinks you are
> using to recurse from the client where you're running your browser.
>
> This makes it hard to test servers being used in production
> environments without GUIs. The tool is not Lynx compatible.
Figures. It's becoming a pointy-clicky world. I don't like it much, either.
> On Jul 8, 2008, at 5:12 PM, Lynda wrote:
>
>> This is also being covered over on the Defcon Forums. Jeff Moss has
>> said that he'll post the link to the interview that Kaminsky is doing
>> right now, after it's over.
Here's the direct link, for the curious:
Audio of Dan's press interview:
https://media.blackhat.com/webinars/...conference.mp3
I'll see whether someone can pry the code loose from Dan, rather than
having it hidden under a button. As Christian Koch said, the tool isn't
really directed at NANOG folk. I'm sure that it could be modified so
that it was. I note that BIND has been updated on all your favorite
operating systems, which should help some. Still, the updates just
barely happened, and then the announcement hit.
--
In April 1951, Galaxy published C.M. Kornbluth's "The Marching Morons".
The intervening years have proven Kornbluth right.
--Valdis Kletnieks
