Is This Another Specious DNS Vulnerability? - DNS

This is a discussion on Is This Another Specious DNS Vulnerability? - DNS ; For the last few days there have alarums raised over Dan Kaminsky's DNS findings, new releases of BIND, and patches to Microsoft DNS Service released. Is this another "cache snooping" style DNS vulnerability that has no significance when multiple instances ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Is This Another Specious DNS Vulnerability?

  1. Is This Another Specious DNS Vulnerability?

    For the last few days there have alarums raised over Dan Kaminsky's
    DNS findings, new releases of BIND, and patches to Microsoft DNS
    Service released. Is this another "cache snooping" style DNS
    vulnerability that has no significance when multiple instances of BIND
    are used at one's security perimeter?

    Roughly 15 years ago, I developed, what I thought was, a unique way of
    using BIND for my company's customers. I'm sure that others may have
    come up with the same solution. Is there some place where I can find
    the actual details of the problem that would allow me to analyze the
    threat to my company's customers?


    Merton Campbell Crockett
    m.c.crockett@roadrunner.com





  2. Re: Is This Another Specious DNS Vulnerability?

    Merton Campbell Crockett writes:

    > Subject: Is This Another Specious DNS Vulnerability?


    no.

    > For the last few days there have alarums raised over Dan Kaminsky's DNS
    > findings, new releases of BIND, and patches to Microsoft DNS Service
    > released. Is this another "cache snooping" style DNS vulnerability that
    > has no significance when multiple instances of BIND are used at one's
    > security perimeter?


    no.

    > Roughly 15 years ago, I developed, what I thought was, a unique way of
    > using BIND for my company's customers. I'm sure that others may have
    > come up with the same solution. Is there some place where I can find
    > the actual details of the problem that would allow me to analyze the
    > threat to my company's customers?


    no.
    --
    Paul Vixie

    --
    This message has been scanned for viruses and
    dangerous content by MailScanner, and is
    believed to be clean.



+ Reply to Thread