Full Disclosure: Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion)

["Robert Holgstad" <rholgstad () gmail com>]

yes you better listen to Paul. He handles windows updates for a large
network and was the second person to subscribe to a list full of trolls.

On Tue, Jul 15, 2008 at 10:47 AM, Paul Schmehl <pschmehl_lists () tx rr com>
wrote:

> --On Tuesday, July 15, 2008 09:14:39 +1000 Mark Andrews <
> Mark_Andrews () isc org>
> wrote:
> >       And the best solution to this attack is to deploy DNSSEC.
> >       You don't care where the response comes from provide the
> >       signatures are good.
> Except that DNSSEC is going to have to improve dramatically to achieve
> widespread adoption.  Right now it's a PITA to understand and implement and
> then 30 days later you have to do it all over again.  Frankly, it's not
> worth
> the effort until the technology improves enough to make it easier to
> implement
> and maintain.
>
> I know you don't want to hear that, but that's the truth.
>
> --
> Paul Schmehl
> As if it wasn't already obvious,
> my opinions are my own and not
> those of my employer.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/