Is This Another Specious DNS Vulnerability?
Chris Buxton
cbuxton at menandmice.com
Fri Jul 11 23:17:15 UTC 2008
On Jul 11, 2008, at 3:30 PM, Merton Campbell Crockett wrote:
> For the last few days there have alarums raised over Dan Kaminsky's
> DNS findings, new releases of BIND, and patches to Microsoft DNS
> Service released. Is this another "cache snooping" style DNS
> vulnerability that has no significance when multiple instances of BIND
> are used at one's security perimeter?
>
> Roughly 15 years ago, I developed, what I thought was, a unique way of
> using BIND for my company's customers. I'm sure that others may have
> come up with the same solution. Is there some place where I can find
> the actual details of the problem that would allow me to analyze the
> threat to my company's customers?
Not currently, unless you have been offered the NDA.
However, I have been assured by those who have seen it that it's
really bad. It's not the same old response forging attack we've seen
for the past 13 years.
Chris Buxton
Professional Services
Men & Mice
More information about the bind-users
mailing list