nanog mailing list archives
Re: DNS cache poisoning attacks -- are they real?
From: Florian Weimer <fw () deneb enyo de>
Date: Mon, 28 Mar 2005 00:14:01 +0200
* Alex Bligh:
> --On 26 March 2005 23:23 +0100 Florian Weimer <fw () deneb enyo de> wrote:
>
>> Should we monitor for evidence of hijacks (unofficial NS and SOA records are good indicators)? Should we actively scan for authoritative name servers which return unofficial data?
>
> And what if you find them?
If leaking unofficial data were considered a capital offense (in Internet terms), many ISPs would take action. Apparently, it's not, so detection is pretty much pointless.
> The only way you are going to prevent packet level (as opposed to organization level) DNS hijack is to get DNSSEC deployed.
DNS cache poisoning (at least in the form which prompted me to start this thread) is a quality-of-implementation issue. DNSSEC will not magically increase code quality (but it will definitely increase complexity), that's why I don't share the enthusiasm of the DNSSEC crowd. 8->
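The monitoring idea quoted in this message (unofficial NS and SOA records as indicators) can be sketched as a comparison of observed records against the official delegation. This is an added example, not code from the thread or its participants; the zone names, the reference table `OFFICIAL` and the sample records are constructed, and it assumes records are logged in zone-file presentation format.

```python
# Added example: flag NS/SOA data that differs from the official delegation.
# OFFICIAL and OBSERVED are constructed sample data using reserved example names.
OFFICIAL = {
    "example.com.": {"ns": {"ns1.example.net.", "ns2.example.net."},
                     "soa_mname": "ns1.example.net."},
}

# Constructed records, as a passive DNS sensor or a scan of authoritative
# servers might log them (owner, TTL, class, type, rdata).
OBSERVED = """\
example.com. 3600 IN NS ns1.example.net.
example.com. 3600 IN NS NS2.Example.NET.
example.com. 3600 IN NS ns.unofficial.example.
example.com. 3600 IN SOA ns.unofficial.example. hostmaster.example.com. 1 7200 900 1209600 86400
example.org. 3600 IN NS ns1.example.net.
"""

def canon(name):
    """DNS names compare case-insensitively; normalise to absolute lowercase."""
    name = name.lower()
    return name if name.endswith(".") else name + "."

def unofficial_records(text, official):
    """Return (owner, rrtype, value) for NS/SOA data not in the official set."""
    findings = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[2].upper() != "IN":
            continue  # skip blank or malformed lines
        owner, rrtype, rdata = canon(fields[0]), fields[3].upper(), fields[4:]
        zone = official.get(owner)
        if zone is None:
            continue  # no reference data for this zone, nothing to compare
        if rrtype == "NS" and canon(rdata[0]) not in zone["ns"]:
            findings.append((owner, "NS", canon(rdata[0])))
        elif rrtype == "SOA" and canon(rdata[0]) != zone["soa_mname"]:
            findings.append((owner, "SOA", canon(rdata[0])))
    return findings

if __name__ == "__main__":
    for owner, rrtype, value in unofficial_records(OBSERVED, OFFICIAL):
        print(f"unofficial {rrtype} for {owner}: {value}")
```

A check like this reports only zones for which reference data exists; it says nothing about who injected the record or how.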