[dns-operations] [Fwd: Cache Poisoning Detection via ONZRA's CacheAudit]

Doug Barton dougb at dougbarton.us
Fri Aug 1 20:26:04 UTC 2008

I'm sure a lot of you will see this on NANOG, but for the archives ...


-------- Original Message --------
Subject: Cache Poisoning Detection via ONZRA's CacheAudit
Date: Fri, 1 Aug 2008 13:20:45 -0700
From: Jose Avila <jose at onzra.com>
To: nanog at nanog.org

In light of new attack vectors DNS Cache Poisoning discovered by Dan
Kaminsky, ONZRA has developed a free Open Source (BSD License) tool
called CacheAudit. This tool allows recursive providers to detect
cache poisoning events using cache dumps from their DNS servers. Along
with releasing this tool, ONZRA has also released a white paper
describing the validation process.

Main Tool Page: http://www.onzra.com/cacheaudit.html
White Paper: http://www.onzra.com/RecursiveDNSCacheAuditingWhitepaper.pdf


Jose Avila III

More information about the dns-operations mailing list