Re: [bind] Re: The worst thing about the exploit -- Have you done your part? - DNS

This is a discussion on Re: [bind] Re: The worst thing about the exploit -- Have you done your part? - DNS ; > On the other hand, I posted about this on a hardened Linux mailing > list, and received only ridicule and scorn in return. A security > professional who claims over 3 decades of Internet experience led the > charge, ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Re: [bind] Re: The worst thing about the exploit -- Have you done your part?

  1. Re: [bind] Re: The worst thing about the exploit -- Have you done your part?

    > On the other hand, I posted about this on a hardened Linux mailing
    > list, and received only ridicule and scorn in return. A security
    > professional who claims over 3 decades of Internet experience led the
    > charge, calling me paranoid and an alarmist. He specifically claimed
    > that, since he doesn't operate a resolving name server (he uses his
    > ISP, who have not patched their name servers as of my last check), and
    > since his authoritative name servers are all PowerDNS, he has nothing
    > to worry about, so why was I bothering the list with this irrelevant
    > nonsense?
    >
    > All to say, don't expect it to necessarily be easy to convince people
    > this is a real problem.
    >
    > (I've had better experiences elsewhere. And all of my friends and
    > family whose ISP's are not updated are using opendns.com.)
    >

    People have also said "Well, wait until the news outlets get a
    hold of this, it'll be bigger than any movie stars baby, any presidential
    scandal, etc". Well, I've seen it on 2 different news sites, with it
    giving a "dooms day" feel to it.... And.... Seems its just not getting
    anyones attention. The ISP I'm on (MAJOR cable co) still hasn't seemed
    to make the change or done anything about it.

    I guess someone needs to poison a few large DNS servers and
    start stealing credit cards and eBay/Paypal/Y!/Gmail id/passes for it
    to get anyones attention.

    Tuc


  2. Re: [bind] Re: The worst thing about the exploit -- Have you done your part?

    "Tuc at T-B-O-H.NET" writes:

    > I guess someone needs to poison a few large DNS servers and
    > start stealing credit cards and eBay/Paypal/Y!/Gmail id/passes for it
    > to get anyones attention.


    yeah well that's not something we have to organize, it'll just happen.
    --
    Paul Vixie


+ Reply to Thread