Home page logo
/

nanog logo nanog mailing list archives

Re: EMAIL != FTP
From: Mitch Halmu <mitch () netside net>
Date: Sun, 27 May 2001 19:48:41 -0400 (EDT)



On Sat, 26 May 2001 Valdis.Kletnieks () vt edu wrote:

OK.. so a hostile site *could* use DNS cache poisoning or hack the
ORBS DNS servers to screw up your e-mail.

Or ORBS could take sides in an international conflict and do it themselves.
I'm not the only one that said they blackhole for political reasons, or
that they are extremists. No sooner were those words uttered, someone
from Calcutta, India [202.86.168.81 - caltiger.com] decided to remind us 
that, besides the atomic bomb, they now have connected computers too.

For bonus points - if anybody is both paranoid and anal-retentive enough
to care about this sort of thing, I presume you *HAVE* edited your DNS
cache hints to only include root name servers that are located on US soil,
and reachable entirely by communications links that do not take a loop
through non-US territories.

THere *will* be hell to pay if foreign terrorists take over a root name
server that's outside the US, after all....

The named.ca file provides sketchy details about locations. Meknows that 
F is in the care of Paul Vixie. M is in a 202 apnic block (Japan). Any
others to worry about? Perhaps we should run traceroutes to all...

--Mitch
NetSide


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]