[dns-operations] Drive-by Pharming Threat (fwd)

Gadi Evron ge at linuxbox.org
Fri Feb 16 04:13:28 UTC 2007


On Thu, 15 Feb 2007, Barry Greene (bgreene) wrote:
>  
> 
> > It's cool, it's "new" and it won't be a huge problem quite yet.
> 
> It is not "new." It is just unpublished. 
> 

I stand corrected. :)

Then again, isn't that true for everything?

Many in the operational world said very proudly "we don't need to fix
spoofing, it isn't being exploited and all DDoS happens with bots".
(Randy Bush and friends).

In other circles:
"We don't need to patch this vulnerability yet, it isn't being exploited"
Think VML and Microsoft.

The DNS is a broken system when it comes to:
1. Security.
2. Mitigation.

It was just never built for this. I am not talking about infrastructure
stability and DDoS threats, but rather of manipulation (whether hijacking
or fastflux DNS) and mitigation (yeah, let's run after 40 NSs and then
see them just being changed, while we can't kill the domain).

Not easy problems, but they are large ones. The second not fixed by
DNS-SEC.

	Gadi.
