[dns-operations] Massive DNS poisoning attacks in Brazil
olaf at NLnetLabs.nl
Mon Nov 7 14:11:00 UTC 2011
On Nov 7, 2011, at 2:01 PM, Stephane Bortzmeyer wrote:
> One sentence at the end seems to indicate it has nothing to do with
> DNS poisoning but that the cracker was able to hijack the router (in
> which cas all your bets are off).
Yes, and that sentence refers to CPE hacks. On the other hand the last sentence of the second paragraph mentions ISP recursive name servers.
All the same it occurs to me that DNSSEC validation at the host would have prevented this (if the authoritative zones in questions would have been signed).
Olaf M. Kolkman NLnet Labs
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2210 bytes
Desc: not available
More information about the dns-operations