[11471] in North American Network Operators' Group
Re: how to protect name servers against cache corruption
daemon@ATHENA.MIT.EDU (Jay R. Ashworth)
Wed Jul 30 15:54:59 1997
Date: Wed, 30 Jul 1997 15:27:23 -0400
From: "Jay R. Ashworth" <jra@scfn.thpl.lib.fl.us>
To: Paul A Vixie <vixie@vix.com>
Cc: nanog@merit.edu
In-Reply-To: <199707301809.LAA21188@wisdom.rc.vix.com>; from Paul A Vixie <vixie@vix.com> on Wed, Jul 30, 1997 at 11:09:24AM -0700
On Wed, Jul 30, 1997 at 11:09:24AM -0700, Paul A Vixie wrote:
> > 3) If it was that easy to do, why hasn't it happened again?
>
> because that particular attack only works if you are willing to get caught.
Nicely put. Although accidents do happen, like the genieweb.com
answering for ".com" debacle a couple weeks back.
> > 4) How can I check for cache corruption?
>
> "dig @0 www.netsol.com a" and "dig @cache00.ns.uu.net www.netsol.com a" and
> check for differences.
Paul: I assume dig @0 is an idiom for localhost? (Apologies for being
less than familiar with dig, it's not on this machine, and I'm not the
admin.)
> > Apologies if any of the above sound moronic or ill-informed; extracting
> > facts from reams of "what is a backhoe" mail list is a painfully slow task.
> > Time for some filters I think...
>
> no apologia needed. public explainations of this attack have been poor, even
> and especially by me. i'm grateful for the opportunity to improve on that.
I hadn't thought that the explanations were all _that_ weak... and I'm
on 7 lists, and the backhoe traffic didn't bother _me_ that much.
Perhaps time for a new mail program, or a faster link?
Cheers,
-- jr '30 newsgroups, too' a
--
Jay R. Ashworth jra@baylink.com
Member of the Technical Staff Unsolicited Commercial Emailers Sued
The Suncoast Freenet "People propose, science studies, technology
Tampa Bay, Florida conforms." -- Dr. Don Norman +1 813 790 7592
