nanog mailing list archives

Re: DNS cache poisoning attacks -- are they real?

From: Suresh Ramasubramanian <ops.lists () gmail com>
Date: Mon, 28 Mar 2005 20:26:46 +0530


On Mon, 28 Mar 2005 16:40:22 +0100, Brad Knowles
<brad () stop mail-abuse org> wrote:

        If you want to use your own resolver remotely like this, I can't
really say too much about that.  However, in that case I would
encourage you to ensure that the server is closed to queries from
outside sources unless those sources are cryptographically
authenticated.


Not even mine as a matter of fact.  My DSL ISP's. :)

Current thread:

Re: DNS cache poisoning attacks -- are they real?, (continued)
- - - Re: DNS cache poisoning attacks -- are they real? Joe Maimon (Mar 27)
    - Re: DNS cache poisoning attacks -- are they real? Florian Weimer (Mar 27)
    - Message not available
    - Re: DNS cache poisoning attacks -- are they real? Florian Weimer (Mar 27)
    - Message not available
    - Re: DNS cache poisoning attacks -- are they real? Florian Weimer (Mar 29)
    - Re: DNS cache poisoning attacks -- are they real? Randy Bush (Mar 27)
    - Blocking port 53 Sean Donelan (Mar 27)
    - Re: Blocking port 53 Randy Bush (Mar 27)
    - Re: Blocking port 53 John Levine (Mar 27)
    - how about the basics? [was: Re: Blocking port 53] Gadi Evron (Mar 28)
    - Message not available
    - Re: DNS cache poisoning attacks -- are they real? Suresh Ramasubramanian (Mar 27)
    - Message not available
    - Re: DNS cache poisoning attacks -- are they real? Suresh Ramasubramanian (Mar 28)