[11416] in North American Network Operators' Group
Re: how to protect name servers against cache corruption
daemon@ATHENA.MIT.EDU (Thomas H. Ptacek)
Tue Jul 29 21:55:41 1997
From: "Thomas H. Ptacek" <tqbf@enteract.com>
To: vixie@vix.com (Paul A Vixie)
Date: Tue, 29 Jul 1997 20:30:18 -0500 (CDT)
Cc: tqbf@enteract.com, nanog@merit.edu
Reply-To: tqbf@enteract.com
In-Reply-To: <199707300108.SAA20679@wisdom.rc.vix.com> from "Paul A Vixie" at Jul 29, 97 06:08:50 pm
> BIND 4.9.6 and 8.1.1 are immune to all known attacks, including the one
[ splice ]
> I know of attacks we are not immune to, which cannot be stopped without
Um. I hate to play semantic games, but if you know of attacks that BIND
8.1.1 is not immune to, then BIND 8.1.1 is not immune to all known
attacks.
Since this is not a security list, I'll refrain from (rhetorically)
informing you that history doesn't back up your assertion of the existence
of "holes that only the good guys know".
Oops. Sorry about that.
Thanks for clearing this up!
----------------
Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com]
----------------
"If you're so special, why aren't you dead?"
