Re: DNS cache poisoning attacks -- are they real?

About Merit

Services

Network

Resources & Support

Network Research

News

Events

Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Re: DNS cache poisoning attacks -- are they real?

From: Sam Hayes Merritt, III
Date: Tue Mar 29 13:57:44 2005

When I reported this the bug/feature was changed but I noticed a while
back (late 8.x maybe 9.0) that it is back. So if the purp can get you to
the wrong server only once it may be possible to keep you there.

It was actually fixed in 9.2.3rc1.

1429. [bug] Prevent the cache getting locked to old servers.

See this thread: http://marc.theaimsgroup.com/?t=111057230600004&r=1&w=4

Of course I still don't think its a bug, and it forced people to remember to actually finish the job when they moved their DNS around. But whatever, its easier than doing a rndc flushname name (which finally got put in).

sam

References:
- DNS cache poisoning attacks -- are they real? Florian Weimer
- Re: DNS cache poisoning attacks -- are they real? Sean Donelan
- Re: DNS cache poisoning attacks -- are they real? Suresh Ramasubramanian
- Re: DNS cache poisoning attacks -- are they real? Joe Maimon
- Re: DNS cache poisoning attacks -- are they real? Randy Bush
- Re: DNS cache poisoning attacks -- are they real? Christopher L. Morrow
- Re: DNS cache poisoning attacks -- are they real? John Payne
- Re: DNS cache poisoning attacks -- are they real? Chris Brenton
- Re: DNS cache poisoning attacks -- are they real? Joe Maimon
- Re: DNS cache poisoning attacks -- are they real? Chris Brenton

Prev by Date: Re: The U.N. thinks about tomorrow's cyberspace
Next by Date: Re: T1 vs. T2 [WAS: Apology: [Tier-2 reachability and multihoming]]
Date Index
Thread Index
Author Index
Historical