Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: AOL breaking dns spoof protection

  • From: Paul Vixie
  • Date: Thu Aug 07 17:29:05 2003

pete@he.iki.fi ("Petri Helenius") writes:

> Im constantly seeing responses to queries for AOL servers which come
> in from different IP addresses than the query was sent to.

due to the weakness of the 16-bit query id field, bind will throw that
stuff away.  the source address and port has to match the destination
of the query, and the question section has to be copied in its entirety.

i don't know who aol is going to be able to send responses to who won't
apply those same restrictions.




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.