Exploit for DNS Cache Poisoning - RELEASED

Steven M. Bellovin smb at cs.columbia.edu
Thu Jul 24 14:43:14 UTC 2008


On Thu, 24 Jul 2008 09:10:13 -0500
"Jorge Amodio" <jmamodio at gmail.com> wrote:

> >
> > Sure, I can empathize, to a certain extent. But this issue has
> > been known for 2+ weeks now.
> >
> 
> Well, we have known about the DNS issues for a long time (20+ yrs
> perhaps?), so the issue is not new, just the exploit is easier to
> put together and the chances for it to succeed are much higher.
> 
This is important.  Kaminsky took a known concept and did the hard
engineering work to make it feasible.  To slightly misuse a quote
that's more often applied to crypto, "amateurs worry about algorithms;
pros worry about economics".  The economics of the attack have now
changed.  (And we need to get DNSSEC deployed before they change even
further.)


		--Steve Bellovin, http://www.cs.columbia.edu/~smb



