Bugtraq: Re: glibc resolver weakness

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: glibc resolver weakness

From: bet () RAHUL NET (Bennett Todd)
Date: Wed, 3 May 2000 15:30:48 -0400


For those sufficiently paranoid to worry about such things, one
solution (I believe, if I'm not misunderstanding the nature of the
threat) is to run a well-written, efficient, secure caching
nameserver on each and every local system, putting 127.0.0.1 in
/etc/resolv.conf.

One great caching nameserver is djb's dnscache, at
<URL:http://cr.yp.to/dnscache.html>.

-Bennett

<HR NOSHADE>
<UL>
<LI>application/pgp-signature attachment: stored
</UL>

By Date By Thread

Current thread:

Re: Denial of service attack against tcpdump, (continued)
- glibc resolver weakness antirez (May 02)
  - Re: glibc resolver weakness Bennett Todd (May 03)
  - Re: glibc resolver weakness Valdis.Kletnieks () VT EDU (May 03)
  - Re: glibc resolver weakness Andrew Brown (May 03)
  - Cayman 3220-H DSL Router DOS cassius () HUSHMAIL COM (May 05)
- Fun with UltraBoard V1.6X rudi carell (May 03)
  - Fwd: tcpdump workaround against dnsloop exploit. THE INFAMOUS (May 03)