[105886] in North American Network Operators' Group
Re: Multiple DNS implementations vulnerable to cache poisoning
daemon@ATHENA.MIT.EDU (Chris Adams)
Wed Jul 9 00:15:24 2008
Date: Tue, 8 Jul 2008 23:15:00 -0500
From: Chris Adams <cmadams@hiwaay.net>
To: nanog@nanog.org
Mail-Followup-To: Chris Adams <cmadams@hiwaay.net>, nanog@nanog.org
In-Reply-To: <487438D1.6020300@vaxination.ca>
Errors-To: nanog-bounces@nanog.org

Once upon a time, Jean-François Mezei <jfmezei@vaxination.ca> said:
> The tool uses my internet facing IP as my DNS server and tells me I am
> vulnerable. Since, from the internet, connecting to that IP at port 53
> will not get you to a DNS server, I find the tool's conclusion rather
> without much value.

There are many ways to get your server to look something up other than
allowing direct queries.

--
Chris Adams <cmadams@hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.