[11424] in North American Network Operators' Group
Re: how to protect name servers against cache corruption
daemon@ATHENA.MIT.EDU (Ben Black)
Tue Jul 29 22:40:28 1997
Date: Tue, 29 Jul 1997 22:13:38 -0400 (EDT)
From: Ben Black <black@zen.cypher.net>
To: Paul A Vixie <vixie@vix.com>
cc: nanog@merit.edu
In-Reply-To: <199707300159.SAA20765@wisdom.rc.vix.com>
I say again that although it cannot be made completely secure in the
DNSSEC sense, it can absolutely be made far more resistant to some
*known* attacks without significant code changes.
ben
On Tue, 29 Jul 1997, Paul A Vixie wrote:
> Let me put this another more interesting and more direct way.
>
> Postulate a name server with the following properties:
>
> 1. Actually works on and is connected to the live Internet.
> 2. RFC compliant except as nec'y to comply with #1 above.
> 3. No DNSSEC, no TSIG, no SECUPD.
> 4. Completely bug free.
>
> You go right ahead and build that name server, and I will drive a truck,
> no, better still a bus or even a backhoe, right through its front window.
>
> DNS is not secure and cannot be made so. BIND-8.1.1 is the best there is,
> and it's what you should run, but as long as you run DNS without DNSSEC,
> your confidence level should be set accordingly.
>
> PS:
>
> BIND is definitely #1, is almost #2, is definitely #3, and trying to be #4.
>