Multiple DNS implementations vulnerable to cache poisoning

Chris Adams cmadams at hiwaay.net
Tue Jul 8 23:15:00 CDT 2008


Once upon a time, Jean-François Mezei <jfmezei at vaxination.ca> said:
> The tool uses my internet facing IP as my DNS server and tells me I am
> vulnerable. Since, from the internet, connecting to that IP at port 53
> will not get you to a DNS server, I find the tool's conclusion rather
> without much value.

There are many ways to get your server to look something up other than
allowing direct queries.
-- 
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.




More information about the NANOG mailing list