Home page logo
/

nanog logo nanog mailing list archives

Re: how to protect name servers against cache corruption
From: "Perry E. Metzger" <perry () piermont com>
Date: Tue, 29 Jul 1997 22:30:50 -0400


"Thomas H. Ptacek" writes:
Paul has made it clear that there are holes in the DNS protocols that
cannot be fixed without DNSSEC. He isn't papering anything over -- he

Thank you for clearing this up. For the record, my only intention is to
clarify the facts surrounding the DNS security issues that have been
popularized by the recent Alternic attacks. I think I have done this. To
reiterate: BIND 8.1.1 is not immune to all the variants of the attack used
by the Alternic,

No, it *is* immune to all variants on *THAT* attack. It isn't immune
to other sorts of attacks.

Perry


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]