marka at isc.org
Tue Nov 25 01:00:05 UTC 2014
In message <FDF98A3E-6BDC-4D85-8826-B3B8DC6EC725 at gmail.com>, George Herbert writes:
> > On Nov 24, 2014, at 4:18 PM, Randy Epstein <nanog at hostleasing.net>
> > Actually, he didn’t hack its records either. He exploited a bug in
> ...returned a legit response plus a tacked-on glue record for
> www.internic.net anytime you queried his nameserver, which he tricked
> people into doing with mixtures of sending you mail, hitting open DNS
> servers with queries for his domain, and another thing I still don't want
> to talk about.
> Paul was more widely quoted and knew his BIND vulnerability better; he
> can always out-pedant me on this one.
More a protocol bug which lead to DNSSEC, which allows you to accept
a answer from anywhere so long as it is signed and validates as
secure, which most of you have yet to deploy.
> I did get a few press quotes, though.
> Your fu is weak, Randyhopper. Train harder! ;-)
> George William Herbert
> Sent from my iPhone
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the NANOG