DNS Attacks

Patrick W. Gilmore patrick at ianai.net
Sun Feb 19 05:59:22 CST 2012


On Feb 19, 2012, at 10:59, Ken Gilmour <ken.gilmour at gmail.com> wrote:
> On Feb 18, 2012 10:24 PM, "Robert Bonomi" <bonomi at mail.r-bonomi.com> wrote:
>> 
>> Even better, nat to a 'bogon' DNS server -- one that -- regardless of the
>> query -- returns the address of a dedicated machine on your network set up
>> especially for this purpose.
> 
> What happens when the client sends a POST from a cached page on the end
> user's machine? E.g. if they post login credentials. Of course, they'll get
> the error page, but then you have confidential data in your logs and now
> you have to protect highly confidential info, at least if you're in Europe.

It is possible to configure the web server not to log POSTed info.

-- 
TTFN,
patrick
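
Added example, not part of the original message: one way to set up the dedicated catch-all web server discussed in this thread so that POSTed data never reaches its logs, assuming nginx. The log format name, file paths and response text are placeholders chosen for illustration.

```nginx
# Goes inside the http { } context of nginx.conf.
#
# Format to AVOID on such a host: it writes the POST body, the query string
# and cookies to disk.
#   log_format leaky '$remote_addr "$request" "$request_body" "$http_cookie"';
#
# Minimal format: enough to identify which client was redirected and when.
# Deliberately left out:
#   $request, $request_uri, $args  (query strings can carry credentials or tokens)
#   $request_body                  (POSTed form data)
#   $http_cookie, $http_authorization, $http_referer
log_format sinkhole_min '$time_iso8601 $remote_addr $request_method '
                        'host="$host" path="$uri" status=$status';

server {
    # Catch-all: answers for whatever Host header the redirected client sends.
    listen 80 default_server;
    server_name _;

    access_log /var/log/nginx/sinkhole_access.log sinkhole_min;

    # Error-log entries include the full request line (with query string),
    # so keep this log at a level that records only serious server faults.
    error_log /var/log/nginx/sinkhole_error.log crit;

    # Serve the same notice for every method and path. Nothing here proxies
    # the request or hands it to an application, so a POST body is not
    # passed on to anything that might store it.
    location / {
        default_type text/plain;
        return 403 "This connection was redirected by your network operator. Please contact support.\n";
    }
}
```

Check the result by sending a test POST with a dummy form field and a query string, then confirming that neither value appears in either log file.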



