Multiple DNS implementations vulnerable to cache poisoning
shrdlu at deaddrop.org
Wed Jul 9 01:26:01 UTC 2008
Owen DeLong wrote:
> The tool, unfortunately, only goes after the server it thinks you are
> using to recurse from the client where you're running your browser.
> This makes it hard to test servers being used in production
> environments without GUIs. The tool is not Lynx compatible.
Figures. It's becoming a pointy-clicky world. I don't like it much, either.
> On Jul 8, 2008, at 5:12 PM, Lynda wrote:
>> This is also being covered over on the Defcon Forums. Jeff Moss has
>> said that he'll post the link to the interview that Kaminsky is doing
>> right now, after it's over.
Here's the direct link, for the curious:
Audio of Dan's press interview:
I'll see whether someone can pry the code loose from Dan, rather than
having it hidden under a button. As Christian Koch said, the tool isn't
really directed at NANOG folk. I'm sure that it could be modified so
that it was. I note that BIND has been updated on all your favorite
operating systems, which should help some. Still, the updates just
barely happened, and then the announcement hit.
In April 1951, Galaxy published C.M. Kornbluth's "The Marching Morons".
The intervening years have proven Kornbluth right.