[dns-operations] Description of the "Kashpureff-style DNS cache corruption attack"
Peter Dambier
peter at peter-dambier.de
Sun Nov 26 21:51:58 UTC 2006
Paul Vixie wrote:
...
> i'm told that some/all versions of the microsoft recursive name server suffer
>>from the same problem. and of course most BIND4 servers suffer from not only
> this problem but the original problem of being willing to cache the pollution
> and reuse it. BIND9 and PowerDNS are fully regenerative, a requestor never
> hears anything that came from a remote authority server, every response is
> generated from the cache, and the cache is protected from pollution.
I have seen a problem with a server that is reported to run the microsoft
nameserver.
The box is running its own rootzone and several other zones and the box
is running as a resolver for a small group of people.
That box repeatedly "forgot" TLDs out of its rootzone. You could "dig axfr"
and veryfy. The box had got Alzheimer :)
Cheers
Peter and Karin
--
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
Rimbacher-Strasse 16
D-69509 Moerlenbach-Bonsweiher
+49(6209)795-816 (Telekom)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at peter-dambier.de
mail: peter at echnaton.serveftp.com
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/
http://www.cesidianroot.com/
More information about the dns-operations
mailing list