Multiple DNS implementations vulnerable to cache poisoning

Andrews Carl 455 Carl.Andrews at crackerbarrel.com
Thu Jul 10 14:02:42 CDT 2008


https://www.dns-oarc.net 

-----Original Message-----
From: Michael Sinatra [mailto:michael at rancid.berkeley.edu] 
Sent: Thursday, July 10, 2008 1:13 PM
To: Jay R. Ashworth
Cc: nanog at nanog.org
Subject: Re: Multiple DNS implementations vulnerable to cache poisoning

On 07/10/08 11:03, Jay R. Ashworth wrote:
> Another test, that apparently was publicized on some dnsops list:
> 
> dig +short porttest.dns-oarc.net TXT

The "some dnsops list" is the OARC public dns-operations list, and this
posting explains the tool and briefly describes the results:

http://lists.oarci.net/pipermail/dns-operations/2008-July/002932.html

There's a healthy discussion of this vuln and DNSSEC going on over
there, and that list is an appropriate forum for further discussion of
this topic.

michael





More information about the NANOG mailing list