
Discussion Communities: Merit Network Email List Archives

North American Network Operators Group


Re: DNS cache poisoning attacks -- are they real?

  • From: John Payne
  • Date: Mon Mar 28 10:55:11 2005


On Mar 28, 2005, at 1:11 AM, Randy Bush wrote:

>> And to Randy's point about problems with open recursive nameservers...
>> abusers have been known to cache "hijack".  Register a domain,
>> configure an authority with very large TTLs, seed it onto known open
>> recursive nameservers, update domain record to point to the open
>> recursive servers rather than their own.  Wammo, "bullet proof" dns
>> hosting.
>
> as has been said here repeatedly, you should not be running servers,
> recursive or not, on old broken and vulnerable software.

Huh? I think you do not understand. Do not mistake "cache hijack" for "cache poison".

This is _nothing_ to do with what you're running on the recursive nameserver. It is doing _exactly_ what it is supposed to do. Get answers, store in cache, respond to queries from cache if TTL isn't expired.
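
Added example, not part of the original message or of any resolver's code: a toy model of the cache behaviour described above (get answers, store in cache, respond from cache until the TTL expires), showing how a recursion ACL and a cap on cached TTLs change what a correctly working resolver will serve. The class, its parameter names, the addresses and the 30-day TTL are all constructed for illustration, and the "authority has gone away" step is a simplification.

```python
import ipaddress

class RecursiveCache:
    """Toy model of a recursive resolver's cache (not real DNS code)."""
    def __init__(self, allow_recursion=("0.0.0.0/0",), max_cache_ttl=None):
        self.allowed = [ipaddress.ip_network(n) for n in allow_recursion]
        self.max_cache_ttl = max_cache_ttl   # seconds, None = honour any TTL
        self.cache = {}                      # name -> (answer, expiry time)

    def query(self, client_ip, name, authority, now):
        """Return (status, answer) for a client query at time `now` (seconds)."""
        addr = ipaddress.ip_address(client_ip)
        if not any(addr in net for net in self.allowed):
            return ("REFUSED", None)         # recursion not offered to this client
        entry = self.cache.get(name)
        if entry and now < entry[1]:
            return ("CACHE", entry[0])       # TTL not expired: answer from cache
        if name not in authority:
            return ("SERVFAIL", None)        # nothing cached, nobody to ask
        answer, ttl = authority[name]
        if self.max_cache_ttl is not None:
            ttl = min(ttl, self.max_cache_ttl)
        self.cache[name] = (answer, now + ttl)
        return ("FETCHED", answer)

DAY = 86400
NAME = "www.example.test"                              # constructed sample name
OUTSIDER, INSIDER = "198.51.100.7", "192.0.2.10"       # constructed sample clients

def scenario(resolver, client):
    """Query at t=0 against an authority handing out a 30-day TTL, then again
    on day 10 when that authority no longer answers for the name."""
    authority = {NAME: ("203.0.113.5", 30 * DAY)}
    first = resolver.query(client, NAME, authority, now=0)
    later = resolver.query(client, NAME, {}, now=10 * DAY)
    return first[0], later[0]

def run_all():
    acl = ("192.0.2.0/24",)                  # only local clients may recurse
    return {
        "open_uncapped": scenario(RecursiveCache(), OUTSIDER),
        "acl_outsider": scenario(RecursiveCache(allow_recursion=acl), OUTSIDER),
        "acl_insider_capped": scenario(RecursiveCache(acl, max_cache_ttl=DAY), INSIDER),
    }

if __name__ == "__main__":
    for label, result in run_all().items():
        print(label, result)
```

The open, uncapped resolver is still answering from cache on day 10 with no software flaw involved; the ACL stops outside clients from seeding it at all, and the TTL cap bounds how long any single answer can persist.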




