Multiple DNS implementations vulnerable to cache poisoning
Lynda
shrdlu at deaddrop.org
Wed Jul 9 01:26:01 UTC 2008
Owen DeLong wrote:
> The tool, unfortunately, only goes after the server it thinks you are
> using to recurse from the client where you're running your browser.
>
> This makes it hard to test servers being used in production
> environments without GUIs. The tool is not Lynx compatible.
Figures. It's becoming a pointy-clicky world. I don't like it much, either.
> On Jul 8, 2008, at 5:12 PM, Lynda wrote:
>
>> This is also being covered over on the Defcon Forums. Jeff Moss has
>> said that he'll post the link to the interview that Kaminsky is doing
>> right now, after it's over.
Here's the direct link, for the curious:
Audio of Dan's press interview:
https://media.blackhat.com/webinars/...conference.mp3
I'll see whether someone can pry the code loose from Dan, rather than
having it hidden under a button. As Christian Koch said, the tool isn't
really directed at NANOG folk. I'm sure that it could be modified so
that it was. I note that BIND has been updated on all your favorite
operating systems, which should help some. Still, the updates just
barely happened, and then the announcement hit.
--
In April 1951, Galaxy published C.M. Kornbluth's "The Marching Morons".
The intervening years have proven Kornbluth right.
--Valdis Kletnieks
More information about the NANOG
mailing list