[dns-operations] Need help testing snort DNS cache poisoning pre-processor.

Andre Ludwig andre.ludwig at gmail.com
Thu Jul 31 14:13:37 UTC 2008


We need a few people to help us test out a freshly developed Snort DNS
pre-processor that is targeted at the recent cache poisoning
vulnerabilities.  We are looking for individuals or groups who are willing
to run test code in an environment that will provide various types (and
flows) of DNS traffic.  These individuals or groups should also possess the
ability to actively induce attacks to verify the processor functions
effectively (not required, but helpful).   We would also like to zero in on
any performance related issues that arise (memory utilization, cpu, etc), so
hopefully you will have had some past experience with snorts performance
monitoring pre-processor as well.   Right now we want to keep the test group
a bit smaller to keep the management of feedback to workable levels.  This
is NOT a commercial endeavor and of course the results will be released to
the community as soon as things are "acceptable".

Feel free to ping me directly for a copy of the source code that needs to be
tested.  We are looking for 5-10 people at this time to beat up on this code
and provide feedback.

I would like to publicly thank Scott Campbell for all his hard work these
last few days (he deserves ALL the credit in this endeavor!).

You can check out some of Scott's previous work at the below link.


Andre Ludwig
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20080731/0529dd63/attachment.html>

More information about the dns-operations mailing list