[106222] in North American Network Operators' Group
RE: TLD servers with recursion was Re: Exploit for DNS
daemon@ATHENA.MIT.EDU (Martin Hannigan)
Thu Jul 24 13:13:26 2008
Date: Thu, 24 Jul 2008 17:13:12 -0000
In-Reply-To: <Pine.LNX.4.62.0807241051150.26086@linuxbox.org>
From: "Martin Hannigan" <hannigan@verneglobal.com>
To: "Gadi Evron" <ge@linuxbox.org>
X-Skyrr-MailScanner-From: hannigan@verneglobal.com
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
> -----Original Message-----
> From: Gadi Evron [mailto:ge@linuxbox.org]
> Sent: Thursday, July 24, 2008 11:52 AM
> To: Martin Hannigan
> Cc: nanog@nanog.org
> Subject: RE: TLD servers with recursion was Re: Exploit for DNS
> CachePoisoning- RELEASED
>
> On Thu, 24 Jul 2008, Martin Hannigan wrote:
> >
> >
> >>
> >> I personally know several folks from within and wayyy from outside the
> >> DNS world who discovered this very out there and obvious issue and
> >> worked hard to try and contact the operators. Those that haven't fixed
> >> it yet, likely won't if all things remain even.
> >>
> >
> >
> > I don't know that a failure to act immediately is indicative of ignoring
> > the problem. Not to defend AT&T or any other provider, but it's not as
> > simple as rolling out a patch.
>
> Marty, are we talking of the same problem? I am talking about recursion
> enabled in bind?
>
I'm reading this as a complaint that people aren't fixing an obvious
problem that has a high impact on the network. You're making sense in
that respect, but my impression is that the angst is in the speed of the
fix, not in the need.
If that observation is off, sorry.
-M<