Great Suggestion for the DNS problem...?

• Previous message (by thread): Great Suggestion for the DNS problem...?
• Next message (by thread): Possible prod to people to upgrade DNS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> What would the ip-blocking BGP feed accomplish? Spoofed source 
> addresses are a staple of the DNS cache poisoning attack.
> Worst case scenario, you've opened yourself up to a new avenue of 
> attack where you're nameservers are receiving spoofed packets intended 
> to trigger a blackhole filter, blocking communication between your 
> network and the legitimate owner of the forged ip address.
>

Yes, but what about blocking the addresses of recursive resolvers that 
are not yet patched?

That would certainly stop them from being poisoned, and incent their 
owners to patch...

1/2 :-)

Brian

> Michael Smith wrote:
>
>     Still off topic, but perhaps a BGP feed from Cymru or similar to 
> block IP
>     addresses on the list?
>
>     Regards,
>
>     Mike

• Previous message (by thread): Great Suggestion for the DNS problem...?
• Next message (by thread): Possible prod to people to upgrade DNS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]