how to protect name servers against cache corruption

• Previous message (by thread): how to protect name servers against cache corruption
• Next message (by thread): how to protect name servers against cache corruption
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> To reiterate: BIND 8.1.1 is not immune to all the variants of the attack
> used by the Alternic,

False.  The attacks which remain are not variants of the bug exploited by
AlterNIC, which was a program bug rather than a protocol misfeature.

>                     and there are very real security problems that remain
> (and will continue to remain) until the implementation of DNSSEC
> (according to Mr. Vixie).

True.

> As this thread is now rapidly losing it's operations context (as well as
> it's informative value), I'd suggest we now move towards killing it.

As soon as messages containing misstatements like the one above stop 
appearing, I for one will be happy to return to lurk status.

• Previous message (by thread): how to protect name servers against cache corruption
• Next message (by thread): how to protect name servers against cache corruption
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]