Emerging Threats SNORT [Was: Re: Exploit for DNS Cache Poisoning - REL EASED]
fergdawg at netzero.net
Thu Jul 24 04:27:12 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
- -- "Paul Ferguson" <fergdawg at netzero.net> wrote:
>-- Jared Mauch <jared at puck.nether.net> wrote:
>>If your nameservers have not been upgraded or you did
>>not enable the proper flags, eg: dnssec-enable and/or dnssec-validation
>>as applicable, I hope you will take another look.
>Let's hope some very large service providers get their act together
>real soon now.
Sorry to respond to my own post, but I thought this might be of
interest to the list.
Matt Jonkman, over at Emerging Threats (previously known as Bleeding
Threats) has a 'prototype' SNORT sig for these attacks -- try it
out and provide feedback, if you are so inclined.
- - ferg
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)
-----END PGP SIGNATURE-----
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
ferg's tech blog: http://fergdawg.blogspot.com/
More information about the NANOG