nanog mailing list archives

From: Valdis.Kletnieks () vt edu
Date: Sat, 26 May 2001 19:43:17 -0400

On Sat, 26 May 2001 19:23:16 EDT, Mitch Halmu said:
> Did I happen to mention MAPS in my post? I didn't. The argument was made
> for ORBS, or any FOREIGN entity that blocks North American networks.
> ORBS fans in this country will have lots of explaining to do and hell to
> pay if any foreign entity exploits this weakness to attack US interests
> in an international incident.

For those who read Computerworld, a co-worker of mine was quoted on page 1
of the May 21 issue, saying "You can expect to see major liability lawsuits
in the next 18 months or so".  Better install those IIS patches *NOW* -
I'm more concerned about a lawyer attack than an international terrorist

OK.. so a hostile site *could* use DNS cache poisoning or hack the
ORBS DNS servers to screw up your e-mail.  On the other hand, you have
the *EXACT* same vulnerability for *ANY* use of DNS.  So unless you're
using /etc/hosts exclusively, you have *bigger* problems if faced by a
determined adversary.  Frankly, if *I* were a determined adversary, the
site's use of ORBS would be the least of their problems.

I don't know.. maybe the foreign terrorists are like the Three Stooges - they
DID catch the guys who bombed the World Trade Center when one of them tried
to get back the deposit on the now-destroyed truck.....

For bonus points - if anybody is both paranoid and anal-retentive enough
to care about this sort of thing, I presume you *HAVE* edited your DNS
cache hints to only include root name servers that are located on US soil,
and reachable entirely by communications links that do not take a loop
through non-US territories.

There *will* be hell to pay if foreign terrorists take over a root name
server that's outside the US, after all....
                                Valdis Kletnieks
                                Operating Systems Analyst
                                Virginia Tech
