Home page logo

nanog logo nanog mailing list archives

Re: how to protect name servers against cache corruption
From: "Jay R. Ashworth" <jra () scfn thpl lib fl us>
Date: Wed, 30 Jul 1997 15:27:23 -0400

On Wed, Jul 30, 1997 at 11:09:24AM -0700, Paul A Vixie wrote:
3) If it was that easy to do, why hasn't it happened again?

because that particular attack only works if you are willing to get caught.

Nicely put.  Although accidents do happen, like the genieweb.com
answering for ".com" debacle a couple weeks back.

4) How can I check for cache corruption?

"dig @0 www.netsol.com a" and "dig @cache00.ns.uu.net www.netsol.com a" and
check for differences.

Paul: I assume dig @0 is an idiom for localhost?  (Apologies for being
less than familiar with dig, it's not on this machine, and I'm not the

Apologies if any of the above sound moronic or ill-informed; extracting
facts from reams of "what is a backhoe" mail list is a painfully slow task.
Time for some filters I think...

no apologia needed.  public explainations of this attack have been poor, even
and especially by me.  i'm grateful for the opportunity to improve on that.

I hadn't thought that the explanations were all _that_ weak... and I'm
on 7 lists, and the backhoe traffic didn't bother _me_ that much.

Perhaps time for a new mail program, or a faster link?

-- jr '30 newsgroups, too' a
Jay R. Ashworth                                                jra () baylink com
Member of the Technical Staff             Unsolicited Commercial Emailers Sued
The Suncoast Freenet      "People propose, science studies, technology
Tampa Bay, Florida          conforms."  -- Dr. Don Norman      +1 813 790 7592

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]