[79001] in North American Network Operators' Group
Re: DNS cache poisoning attacks -- are they real?
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Mon Mar 28 09:57:39 2005
Date: Mon, 28 Mar 2005 20:26:46 +0530
From: Suresh Ramasubramanian <ops.lists@gmail.com>
Reply-To: Suresh Ramasubramanian <ops.lists@gmail.com>
To: Brad Knowles <brad@stop.mail-abuse.org>
Cc: Sean Donelan <sean@donelan.com>,
Florian Weimer <fw@deneb.enyo.de>, nanog@merit.edu
In-Reply-To: <p06200744be6dd5942ea4@10.0.1.3>
Errors-To: owner-nanog@merit.edu
On Mon, 28 Mar 2005 16:40:22 +0100, Brad Knowles
<brad@stop.mail-abuse.org> wrote:
> If you want to use your own resolver remotely like this, I can't
> really say too much about that. However, in that case I would
> encourage you to ensure that the server is closed to queries from
> outside sources unless those sources are cryptographically
> authenticated.
Not even mine as a matter of fact. My DSL ISP's. :)