[dns-operations] Massive DNS poisoning attacks in Brazil
Olaf Kolkman
olaf at NLnetLabs.nl
Mon Nov 7 14:11:00 UTC 2011
On Nov 7, 2011, at 2:01 PM, Stephane Bortzmeyer wrote:
> One sentence at the end seems to indicate it has nothing to do with
> DNS poisoning but that the cracker was able to hijack the router (in
> which cas all your bets are off).
Yes, and that sentence refers to CPE hacks. On the other hand the last sentence of the second paragraph mentions ISP recursive name servers.
All the same it occurs to me that DNSSEC validation at the host would have prevented this (if the authoritative zones in questions would have been signed).
--Olaf
________________________________________________________
Olaf M. Kolkman NLnet Labs
http://www.nlnetlabs.nl/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2210 bytes
Desc: not available
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20111107/81c01df8/attachment.bin>
More information about the dns-operations
mailing list