Is This Another Specious DNS Vulnerability?

For the last few days there have alarums raised over Dan Kaminsky's
DNS findings, new releases of BIND, and patches to Microsoft DNS
Service released. Is this another "cache snooping" style DNS
vulnerability that has no significance when multiple instances of BIND
are used at one's security perimeter?

Roughly 15 years ago, I developed, what I thought was, a unique way of
using BIND for my company's customers. I'm sure that others may have
come up with the same solution. Is there some place where I can find
the actual details of the problem that would allow me to analyze the
threat to my company's customers?

Merton Campbell Crockett
m.c.crockett@roadrunner.com

Merton Campbell Crockett writes:

> Subject: Is This Another Specious DNS Vulnerability?

no.

> For the last few days there have alarums raised over Dan Kaminsky's DNS
> findings, new releases of BIND, and patches to Microsoft DNS Service
> released. Is this another "cache snooping" style DNS vulnerability that
> has no significance when multiple instances of BIND are used at one's
> security perimeter?

no.

> Roughly 15 years ago, I developed, what I thought was, a unique way of
> using BIND for my company's customers. I'm sure that others may have
> come up with the same solution. Is there some place where I can find
> the actual details of the problem that would allow me to analyze the
> threat to my company's customers?

no.
--
Paul Vixie

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Is This Another Specious DNS Vulnerability? - DNS

Thread: Is This Another Specious DNS Vulnerability?

LinkBack

Tools

Is This Another Specious DNS Vulnerability?

Re: Is This Another Specious DNS Vulnerability?