how to protect name servers against cache corruption
Paul A Vixie
vixie at vix.com
Wed Jul 30 02:30:04 UTC 1997
> To reiterate: BIND 8.1.1 is not immune to all the variants of the attack
> used by the Alternic,
False. The attacks which remain are not variants of the bug exploited by
AlterNIC, which was a program bug rather than a protocol misfeature.
> and there are very real security problems that remain
> (and will continue to remain) until the implementation of DNSSEC
> (according to Mr. Vixie).
True.
> As this thread is now rapidly losing it's operations context (as well as
> it's informative value), I'd suggest we now move towards killing it.
As soon as messages containing misstatements like the one above stop
appearing, I for one will be happy to return to lurk status.
More information about the NANOG
mailing list