Multiple DNS implementations vulnerable to cache poisoning
Tuc at T-B-O-H.NET
ml at t-b-o-h.net
Fri Jul 11 14:58:01 UTC 2008
> it appears to be pretty easy to write a non-AJAX client to query Dan's
> service. I threw one together in perl, named "noclicky", that allows you
> to use Dan's service against any nameserver specified on the command line.
> You can download a copy from <http://michael.toren.net/code/noclicky/>.
It looks like Dan changed what it returns, and noclicky 1.00 gets
confused. You can fix this, atleast until MCT comes out with a new version,
by putting :
my $date = shift @data;
before the line :
print "Requests seen for $domain:\n";
More information about the NANOG