[105953] in North American Network Operators' Group
RE: Multiple DNS implementations vulnerable to cache poisoning
daemon@ATHENA.MIT.EDU (Andrews Carl 455)
Thu Jul 10 15:06:58 2008
Date: Thu, 10 Jul 2008 14:02:42 -0500
In-Reply-To: <48765128.4020309@rancid.berkeley.edu>
From: "Andrews Carl 455" <Carl.Andrews@crackerbarrel.com>
To: "Michael Sinatra" <michael@rancid.berkeley.edu>,
"Jay R. Ashworth" <jra@baylink.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
https://www.dns-oarc.net=20
-----Original Message-----
From: Michael Sinatra [mailto:michael@rancid.berkeley.edu]=20
Sent: Thursday, July 10, 2008 1:13 PM
To: Jay R. Ashworth
Cc: nanog@nanog.org
Subject: Re: Multiple DNS implementations vulnerable to cache poisoning
On 07/10/08 11:03, Jay R. Ashworth wrote:
> Another test, that apparently was publicized on some dnsops list:
>=20
> dig +short porttest.dns-oarc.net TXT
The "some dnsops list" is the OARC public dns-operations list, and this
posting explains the tool and briefly describes the results:
http://lists.oarci.net/pipermail/dns-operations/2008-July/002932.html
There's a healthy discussion of this vuln and DNSSEC going on over
there, and that list is an appropriate forum for further discussion of
this topic.
michael
