Multiple DNS implementations vulnerable to cache poisoning

Chris Adams cmadams at
Wed Jul 9 04:15:00 UTC 2008

Once upon a time, Jean-François Mezei <jfmezei at> said:
> The tool uses my internet facing IP as my DNS server and tells me I am
> vulnerable. Since, from the internet, connecting to that IP at port 53
> will not get you to a DNS server, I find the tool's conclusion rather
> without much value.

There are many ways to get your server to look something up other than
allowing direct queries.
Chris Adams <cmadams at>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.

More information about the NANOG mailing list