Home page logo

nanog logo nanog mailing list archives

Re: how to protect name servers against cache corruption
From: Paul A Vixie <vixie () vix com>
Date: Tue, 29 Jul 1997 19:30:04 -0700

To reiterate: BIND 8.1.1 is not immune to all the variants of the attack
used by the Alternic,

False.  The attacks which remain are not variants of the bug exploited by
AlterNIC, which was a program bug rather than a protocol misfeature.

                    and there are very real security problems that remain
(and will continue to remain) until the implementation of DNSSEC
(according to Mr. Vixie).


As this thread is now rapidly losing it's operations context (as well as
it's informative value), I'd suggest we now move towards killing it.

As soon as messages containing misstatements like the one above stop 
appearing, I for one will be happy to return to lurk status.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]