[dns-operations] CERT VU#800113 Multiple DNS implementations vulnerable to cache poisoning

Randy Bush randy at psg.com
Thu Jul 10 07:47:18 UTC 2008

> Is the level of DNS cache poisoning and IP packet spoofing attacks in
> the wild similar?

i have not measured and don't think anyone actually has.

packet spoofing is pretty much a ddos vulnerability.  dns poison is an
end user dollar diverter.  the latter is potentially much more subtle
and damaging.  and i gather that the current hole is pretty big.

it's just that raising the source spoofing fud with this week's dns hole
is a spoofing attack in itself, an amusing exercise in recursion, maybe. :)


More information about the dns-operations mailing list