Home page logo
/

nanog logo nanog mailing list archives

Re: DNS Attacks
From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Sun, 19 Feb 2012 11:59:22 +0000

On Feb 19, 2012, at 10:59, Ken Gilmour <ken.gilmour () gmail com> wrote:
On Feb 18, 2012 10:24 PM, "Robert Bonomi" <bonomi () mail r-bonomi com> wrote:

Even better, nat to a 'bogon' DNS server -- one that -- regardless of the
query -- returns the address of a dedicated machine on your network set up
especially for this purpose.

What happens when the client sends a POST from a cached page on the end
user's machine? E.g. if they post login credentials. Of course, they'll get
the error page, but then you have confidential data in your logs and now
you have to protect highly confidential info, at least if you're in europe.

It is possible to configure the web server not to log POSTed info.

-- 
TTFN,
patrick



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault