[94936] in North American Network Operators' Group
Re: DNS: Definitely Not Safe?
daemon@ATHENA.MIT.EDU (MARLON BORBA)
Wed Feb 14 13:29:38 2007
Date: Wed, 14 Feb 2007 16:22:44 -0200
From: "MARLON BORBA" <MBORBA@trf3.gov.br>
To: <nanog@merit.edu>, "Paul Vixie" <vixie@vix.com>
Errors-To: owner-nanog@merit.edu
mea culpa, mea maxima culpa :-(
my intention, when suggested that reading, was to get your attention about =
that recent attack which targeted DNS top-level servers and to listen your =
opinions.
i promise not to post porn, ops, FUD material to nanog again.
Abra=E7os,
Marlon Borba, CISSP, DataCenter Associate
T=E9cnico Judici=E1rio - Seguran=E7a da Informa=E7=E3o
TRF 3=AA Regi=E3o
(11) 3012-1683
--
1997-2007 - Dez Anos da DSUP.
Conhecimento Gerando Solu=E7=F5es.
--
>>> Paul Vixie <vixie@vix.com> 14/2/2007 15:01:09 >>>
bortzmeyer@nic.fr (Stephane Bortzmeyer) writes:
> It may be on-topic but it is full of FUD, mistakes and blatant
> b...t. Certainly not the recommended reading for the sysadmin.
i think you're being way to kind here.
> The best stupid sentence is the one asking firewalls in front of the
> DNS servers... to prevent tunneling data over DNS!
just as the most common lie told by spammers is "dear friend", so it is
that the biggest error in this piece is in the first sentence:
When it comes to the Web's domain name system (DNS),
this guy was probably writing netware-vs-smb comparisons during the two
decades that the internet existed before the web came along. the web is
an internet application, and the dns is part of the internet, not part of
the web. the rest of the article is equally horrific in its maltreatment
and ignorance of facts.
--=20
Paul Vixie
