[78993] in North American Network Operators' Group
Re: DNS cache poisoning attacks -- are they real?
daemon@ATHENA.MIT.EDU (Randy Bush)
Mon Mar 28 01:12:24 2005
From: Randy Bush <randy@psg.com>
Date: Sun, 27 Mar 2005 22:11:54 -0800
To: John Payne <john@sackheads.org>
Cc: "Christopher L. Morrow" <christopher.morrow@mci.com>,
nanog@merit.edu
Errors-To: owner-nanog@merit.edu
> And to Randy's point about problems with open recursive nameservers...
> abusers have been known to cache "hijack". Register a domain,
> configure an authority with very large TTLs, seed it onto known open
> recursive nameservers, update domain record to point to the open
> recursive servers rather than their own. Wammo, "bullet proof" dns
> hosting.
as has been said here repeatedly, you should not be running servers,
recursive or not, on old broken and vulnerable software.
randy
