TLD servers with recursion was Re: Exploit for DNS CachePoisoning- RELEASED

Martin Hannigan hannigan at verneglobal.com
Thu Jul 24 12:13:12 CDT 2008


> -----Original Message-----
> From: Gadi Evron [mailto:ge at linuxbox.org]
> Sent: Thursday, July 24, 2008 11:52 AM
> To: Martin Hannigan
> Cc: nanog at nanog.org
> Subject: RE: TLD servers with recursion was Re: Exploit for DNS
> CachePoisoning- RELEASED
> 
> On Thu, 24 Jul 2008, Martin Hannigan wrote:
> >
> >
> >>
> >> I personally know several folks from within and wayyy from outside
> the
> >> DNS
> >> world who discovered this very out there and obvious issue and
> worked
> >> hard
> >> to try and contact the operators. Those that haven't fixed it yet,
> >> likely
> >> won't if all thing remain even.
> >>
> >
> >
> > I don't know that a failure to act immediately is indicative of
> ignoring
> > the problem. Not to defend AT&T or any other provider, but it's not
> as
> > simple as rolling out a patch.
> 
> Marty, are we talking of the same problem? I am talking about
recursion
> enabled in bind?
> 


I'm reading this as a complaint that people aren't fixing an obvious
problem that has a high impact on the network. You're making sense in
that respect, but my impression that the angst is in the speed of the
fix, not in the need. 

If that observation is off, sorry.

-M<







More information about the NANOG mailing list