[dns-operations] DNS issue accidentally leaked?
Matthew Pounsett
matt.pounsett at cira.ca
Tue Jul 22 05:15:19 UTC 2008
On 22-Jul-2008, at 01:00 , Alperovitch, Dmitri wrote:
> How is this attack really different from the birthday attack
> described by
> Joe Stewart and others in 2002? Perhaps a slide variation on it but I
> wouldn't call it earthshakingly new...
This is exactly the kind of thing we've all been trying to fight since
the public announcement. I'm not going to help spread the bad by
posting details here, but suffice to say that an un-patched caching
server could have google.com poisoned within a few minutes. A really
poor implementation of the exploit might take as long as a half hour.
When you do see the details, you will smack your own forehead for not
seeing its simplicity earlier, and for not heeding the warnings and
patching everything in sight when you had the chance.
Matt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20080722/64828379/attachment.sig>
More information about the dns-operations
mailing list