[dns-operations] AT&T DNS Cache Poisoning?

Phil Pennock dnsop+phil at spodhuis.org
Sat Oct 27 05:02:22 UTC 2012

On 2012-10-27 at 04:23 +0000, Tim Huffman wrote:
> Any ideas what I can do to help my customer? This is the first time
> we've ever had something like this...

Continue trying to reach AT&T and the other operators of DNS servers in
that link?

You can look at deploying DNSSEC for their domain, so that those DNS
resolver operators who deploy validating caches will be immune to this.
The .edu zone is signed.  If you get ben.edu signed as well, then you've
done everything technical to help resolvers only get valid data.


More information about the dns-operations mailing list