[dns-operations] DNS issue accidentally leaked?
Alperovitch, Dmitri
dmitri_alperovitch at securecomputing.com
Tue Jul 22 15:54:07 UTC 2008
>The difference is its use of additional RR records. The request is for
>some arbitrary sub domain like 12345.google.com, but your spoofed
>response also includes the record for www.google.com
Which is also decades old and well known. So at best, it's a 'new' attack
that is a combination of 2 well-known/documented ones. Maybe I am somewhat
disappointed because I expected a second coming/something truly novel
(please note that I'm not discounting the seriousness of the issue, just
commenting on its apparent novelty)
Regards,
----
Dmitri Alperovitch
Director, Intelligence Analysis and Hosted Security
Secure Computing Corporation
http://www.securecomputing.com
More information about the dns-operations
mailing list