nanog mailing list archives
Re: how to get people to upgrade? (Re: The weak link? DNS)
From: "E.B. Dreger" <eddy+public+spam () noc everquick net>
Date: Wed, 26 Mar 2003 17:10:51 +0000 (GMT)
Perhaps nameservers could periodically poll dig @?.root-servers.net 2.2.9.is-vuln.bind. txt chaos or something similar; I suggest using roots because DNS queries to them are far less likely to be filtered. If corresponding RR is valid (see below), shut down BIND, thus forcing admins to look into the problem. Harsh? Yes. Sadly, "it runs, so it must be correct" is far more common an attitude than "it must be correct before it's allowed to run". Worried about spoofing? Distribute the public key with BIND, and let the TXT response be encoded. Of course, the clueless generally don't compile from source. I wonder how long it would be before some vendor circumvented such controls so their userbase wouldn't be hassled with such silliness as forced critical upgrades. Eddy -- Brotsman & Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 (785) 865-5885 Lawrence and [inter]national Phone: +1 (316) 794-8922 Wichita ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) From: A Trap <blacklist () brics com> To: blacklist () brics com Subject: Please ignore this portion of my mail signature. These last few lines are a trap for address-harvesting spambots. Do NOT send mail to <blacklist () brics com>, or you are likely to be blocked.
Current thread:
- Re: how to get people to upgrade? (Re: The weak link? DNS), (continued)
- Re: how to get people to upgrade? (Re: The weak link? DNS) william (Mar 26)
- Re: how to get people to upgrade? (Re: The weak link? DNS) william (Mar 26)
- Re: how to get people to upgrade? (Re: The weak link? DNS) Jeffrey C. Ollie (Mar 26)
- Re: how to get people to upgrade? (Re: The weak link? DNS) Bill Woodcock (Mar 26)
- Re: how to get people to upgrade? (Re: The weak link? DNS) Dave Israel (Mar 26)
- Re: how to get people to upgrade? (Re: The weak link? DNS) william (Mar 26)
- Re: how to get people to upgrade? (Re: The weak link? DNS) Niels Bakker (Mar 26)
- Re: how to get people to upgrade? (Re: The weak link? DNS) Paul Vixie (Mar 26)
- Re: how to get people to upgrade? (Re: The weak link? DNS) E.B. Dreger (Mar 26)
- Re: how to get people to upgrade? (Re: The weak link? DNS) Simon Lyall (Mar 26)
- Re: how to get people to upgrade? (Re: The weak link? DNS) E.B. Dreger (Mar 26)
- Re: how to get people to upgrade? (Re: The weak link? DNS) Paul Vixie (Mar 27)
- Re: The weak link? DNS Sean Donelan (Mar 26)