how to protect name servers against cache corruption

• Previous message (by thread): how to protect name servers against cache corruption
• Next message (by thread): how to protect name servers against cache corruption
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> BIND 4.9.6 and 8.1.1 are immune to all known attacks, including the one

[ splice ]

> I know of attacks we are not immune to, which cannot be stopped without

Um. I hate to play semantic games, but if you know of attacks that BIND
8.1.1 is not immune to, then BIND 8.1.1 is not immune to all known
attacks.

Since this is not a security list, I'll refrain from (rhetorically)
informing you that history doesn't back up your assertion of the existence
of "holes that only the good guys know".

Oops. Sorry about that.

Thanks for clearing this up!

----------------
Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf at enteract.com]
----------------
"If you're so special, why aren't you dead?"

• Previous message (by thread): how to protect name servers against cache corruption
• Next message (by thread): how to protect name servers against cache corruption
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]