Multiple DNS implementations vulnerable to cache poisoning

• Previous message (by thread): Multiple DNS implementations vulnerable to cache poisoning
• Next message (by thread): Multiple DNS implementations vulnerable to cache poisoning
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Michael C. Toren wrote:

>         bash$ ./noclicky 68.87.76.181 
>         Looking up r14z2k52m6uj.toorrr.com against 68.87.76.181
>         Fetching http://209.200.168.66/fprint/r14z2k52m6uj
>         Requests seen for r14z2k52m6uj.toorrr.com:
>           68.87.76.181:17244 TXID=23113
>           68.87.76.181:17219 TXID=31336
>           68.87.76.181:17270 TXID=1613
>           68.87.76.181:16987 TXID=22846
>           68.87.76.181:16974 TXID=24013
>         Your nameserver appears to be safe
> 

Thanks for the explanation. I used wireshark to capture the DNS traffic
from my server to the outside world while running the doxpara.com test.

My DNS server made the various DNS requests from the same port and is
thus vulnerable. (VMS TCPIP Services so no patches expected).

• Previous message (by thread): Multiple DNS implementations vulnerable to cache poisoning
• Next message (by thread): Multiple DNS implementations vulnerable to cache poisoning
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]