[57012] in North American Network Operators' Group
Re: how to get people to upgrade? (Re: The weak link? DNS)
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Wed Mar 26 13:36:02 2003
To: william@elan.net
Cc: nanog@merit.edu
In-Reply-To: Your message of "Wed, 26 Mar 2003 08:14:45 PST."
<Pine.LNX.4.44.0303260705420.5866-100000@sokol.elan.net>
From: Valdis.Kletnieks@vt.edu
Date: Wed, 26 Mar 2003 13:32:30 -0500
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_179271144P
Content-Type: text/plain; charset=us-ascii
On Wed, 26 Mar 2003 08:14:45 PST, william@elan.net said:
>
> What are you talking about, DNS check option will work great for BIND,
> I mean if BIND can not get to the root server and thereafter to ISC, you
> don't have to worry about it getting hacked, its probably not connected to
Keep in mind that the *really* damaging security incidents tend to be the
ones with skilled and/or insider attackers. And if you've scored some
secretary's PC inside the corporate net, a DNS server inside the net
(and unable to contact the outside world) makes a GREAT way to leverage
the foothold....
--==_Exmh_179271144P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQE+gfI8cC3lWbTT17ARAgImAJ93MgTd8oggqbfFfUe7OOH9YeFcagCeI9XJ
k/feMI/mzP8asWR0qVreO0U=
=ff8T
-----END PGP SIGNATURE-----
--==_Exmh_179271144P--
