DNS cache poisoning attacks -- are they real?

John Payne john at sackheads.org
Mon Mar 28 15:54:06 UTC 2005



On Mar 28, 2005, at 1:11 AM, Randy Bush wrote:

>> And to Randy's point about problems with open recursive nameservers...
>> abusers have been known to cache "hijack".  Register a domain,
>> configure an authority with very large TTLs, seed it onto known open
>> recursive nameservers, update domain record to point to the open
>> recursive servers rather than their own.  Wammo, "bullet proof" dns
>> hosting.
>
> as has been said here repeatedly, you should not be running servers,
> recursive or not, on old broken and vulnerable software.

Huh?   I think you do not understand.  Do not mistake "cache hijack" 
for "cache poison".

This is _nothing_ to do with what you're running on the recursive 
nameserver.  It is doing _exactly_ what it is supposed to do.  Get 
answers, store in cache, respond to queries from cache if TTL isn't 
expired.
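One way a resolver operator bounds the "cache hijack" described above is to stop answering recursive queries for strangers and to cap how long any answer may stay cached, whatever TTL the authority advertises. The BIND 9 `options` block below is an added example, not configuration from this thread or from any poster; the client range 192.0.2.0/24 is a placeholder.

```conf
// Added example (not from the thread): hardened BIND 9 named.conf options.
options {
    // Open recursion lets anyone seed the cache with their own records.
    // Weak: "recursion yes;" with no allow-recursion / allow-query-cache,
    // which on older BIND releases meant every source address was served.
    recursion yes;
    allow-recursion   { 127.0.0.1; 192.0.2.0/24; };  // placeholder client range
    allow-query-cache { 127.0.0.1; 192.0.2.0/24; };  // same range may read cache

    // Clamp cached TTLs regardless of what the (possibly attacker-run)
    // authority advertises.  BIND's default max-cache-ttl is 604800 s
    // (7 days); a lower cap bounds how long seeded records survive.
    max-cache-ttl  86400;   // positive answers: at most 1 day
    max-ncache-ttl  3600;   // negative answers: at most 1 hour
};
```

After reloading, a record seeded with a multi-week TTL is expired by the cap instead of by the authority's TTL, and outside clients can no longer seed or read the cache at all.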
