SANS: DNS Bug Now Public?

• Previous message (by thread): SANS: DNS Bug Now Public?
• Next message (by thread): OIX Routeviews
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

regnauld at catpipe.net (Phil Regnauld) writes:

> 	Case in point, we've got customers running around in circles
> 	screaming "we need to upgrade, please help us upgrade NOW",
> 	but they have _3_ layers of routers and firewalls that are hardcoded to
> 	only allow DNS queries from port 53.

please take this problem, and all related threads, to
<dns-operations at lists.oarci.net>.  this is NANOG.  there
are plenty of people on that other mailing list willing
to help and interested in helping with DNS issues.

fwiw, we all know that udp port randomization isn't a
panacea and that it will break many previously-working
configurations.  we just don't know what else to do NOW
while we wait for godot or whomever to deliver us DNSSEC.
-- 
Paul Vixie

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

• Previous message (by thread): SANS: DNS Bug Now Public?
• Next message (by thread): OIX Routeviews
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]