[dns-operations] AT&T DNS Cache Poisoning?
Phil Pennock
dnsop+phil at spodhuis.org
Sat Oct 27 05:02:22 UTC 2012
On 2012-10-27 at 04:23 +0000, Tim Huffman wrote:
> Any ideas what I can do to help my customer? This is the first time
> we've ever had something like this...
Continue trying to reach AT&T and the other operators of DNS servers in
that link?
You can look at deploying DNSSEC for their domain, so that those DNS
resolver operators who deploy validating caches will be immune to this.
The .edu zone is signed. If you get ben.edu signed as well, then you've
done everything technical to help resolvers only get valid data.
-Phil
More information about the dns-operations
mailing list