DNS cache poisoning attacks -- are they real?
Sam Hayes Merritt, III
sam at themerritts.org
Tue Mar 29 18:56:37 UTC 2005
> When I reported this the bug/feature was changed but I noticed a while
> back (late 8.x maybe 9.0) that it is back. So if the purp can get you to
> the wrong server only once it may be possible to keep you there.
It was actually fixed in 9.2.3rc1.
1429. [bug] Prevent the cache getting locked to old servers.
See this thread: http://marc.theaimsgroup.com/?t=111057230600004&r=1&w=4
Of course I still don't think it's a bug, and it forced people to remember
to actually finish the job when they moved their DNS around. But whatever,
it's easier than doing a rndc flushname name (which finally got put in).
sam