[dns-operations] How Stack Overflow plans to survive the next DNS attack

Robert Edmonds edmonds at mycre.ws
Wed Jan 11 21:06:48 UTC 2017


Paul Vixie wrote:
> actually it is, it's just not well documented. given $wrong and $right, where $wrong > $right using serial-number arithmetic as defined for TCP sequence numbers, you do this:
> 
> step 1: set serial = $wrong + 0x7fffffff, send notify, observe transfer
> step 2: set serial = $right, send notify, observe transfer
> 
> obviously this depends on $wrong - $right < 0x80000000, but that's usually the case. if it's not, then more steps or different offsets may be needed in "step 1" above.
> 
> probably this deserves an RFC, perhaps one that also clarified other aspects of NOTIFY.

RFC 1982?

-- 
Robert Edmonds
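
The rollback procedure quoted above, worked through with RFC 1982 serial arithmetic. This is an added example, not part of the original messages; the function names and sample serials are constructed here. It generalizes the two steps to the "more steps" case, which arises when the wrong serial is exactly one ahead of the right one.

```python
# Added example: RFC 1982 serial arithmetic applied to 32-bit SOA serials.
SERIAL_BITS = 32
MOD = 1 << SERIAL_BITS          # 2^32
HALF = 1 << (SERIAL_BITS - 1)   # 2^31
MAX_INCREMENT = HALF - 1        # 0x7fffffff, largest addition RFC 1982 allows


def serial_add(s, n):
    """RFC 1982 addition: (s + n) mod 2^32, with 0 <= n <= 2^31 - 1."""
    if not 0 <= n <= MAX_INCREMENT:
        raise ValueError("increment outside RFC 1982 range")
    return (s + n) % MOD


def serial_gt(a, b):
    """True if a is newer than b. A distance of exactly 2^31 is undefined
    in RFC 1982, so it is treated here as 'not greater'."""
    return 0 < (a - b) % MOD < HALF


def rollback_plan(wrong, right):
    """Serials to publish, in order, so that a secondary holding `wrong`
    ends on `right`. Every hop is a valid serial increase; each one must be
    transferred by all secondaries before the next is published."""
    plan, current = [], wrong % MOD
    right %= MOD
    if current == right:
        return plan
    while not serial_gt(right, current):
        current = serial_add(current, MAX_INCREMENT)
        plan.append(current)
    plan.append(right)
    return plan


if __name__ == "__main__":
    # Constructed sample serials, not taken from the thread.
    for wrong, right in [(2017011199, 2017011101), (2017011102, 2017011101)]:
        steps = rollback_plan(wrong, right)
        print(wrong, "->", right, ":", steps)
```
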


