Master to Slave Schedule to Avoid Poison Propagation
Barry Margolin
barmar at alum.mit.edu
Sun Aug 14 04:38:41 UTC 2005
In article <ddlp7t$tag$1 at sf1.isc.org>, Danny Mayer <mayer at gis.net> wrote:
> Brad Knowles wrote:
> > At 6:29 AM -0700 2005-08-12, Danimal wrote:
> >
> >> So for example if the master somehow became compromised we could remove
> >> it from the network before it infected the DNS records of the slave.
>
> I think you're confused. An authoritative nameserver's data cannot be
> compromised, at least not via cache poisoning since it will never accept
> records for zones for which it is authoritative.
Who said anything about cache poisoning? I interpreted the OP to be
talking about someone breaking into the system, or perhaps using a BIND
exploit to insert new authoritative data (for instance, a bug in dynamic
update ACL checking).
Using a hidden master doesn't prevent this, although it might make it
harder for the cracker to find the machine they need to compromise. But
if they break into one of the slaves, they can find out the master's
address from its named.conf.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
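Barry's closing point, that a slave's named.conf gives away the address of a "hidden" master, is easy to check mechanically. The following is an added example and is not code from the original post, from the poster, or from BIND itself: a small Python parser that walks a constructed named.conf, follows top-level named `masters` lists, and reports the master address(es) behind each slave zone, which is exactly what an attacker who has read access to a slave would do. The sample configuration, its zone names, key names and addresses (all from the 192.0.2.0/24 and 198.51.100.0/24 documentation ranges) are made up for the example.

```python
"""List the master addresses that each slave zone in a BIND named.conf points at.

Added example for the bind-users thread above; it is not part of BIND.  The
parser understands enough of the named.conf grammar for this purpose:
comments, top-level `masters NAME { ... };` lists, and `zone "NAME" { ... };`
stanzas whose body contains `type slave;` (or `type secondary;`) and a
`masters { ... };` clause with optional `port` and `key` qualifiers.
"""
import re

# Constructed sample: a slave that points one zone at a named "hidden" master
# list and another at literal addresses.  Addresses are documentation ranges.
SAMPLE_NAMED_CONF = """
// hypothetical slave configuration
masters hidden-master { 192.0.2.10 key xfer-key; };

zone "example.com" {
    type slave;
    file "slaves/example.com";
    masters { hidden-master; };   # refers to the named list above
    allow-transfer { none; };
};

zone "example.net" {
    type slave;
    file "slaves/example.net";
    masters { 192.0.2.11; 198.51.100.5 port 5353; };
};

zone "local.test" {
    type master;
    file "master/local.test";
    allow-update { key ddns-key; };
};
"""

# IPv4 dotted quad or anything that looks like an IPv6 literal.
_ADDR = re.compile(r"^(\d{1,3}(\.\d{1,3}){3}|[0-9a-fA-F:]+:[0-9a-fA-F:]*)$")


def _strip_comments(text):
    """Remove /* */, // and # comments (named.conf allows all three)."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)


def _matching_brace(text, open_idx):
    """Return the index of the '}' that closes the '{' at open_idx."""
    depth = 0
    for i in range(open_idx, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return i
    raise ValueError("unbalanced braces in named.conf")


def _blocks(text, keyword):
    """Yield (name, body) for every `keyword NAME { body };` statement."""
    pat = re.compile(r"\b" + keyword + r'\s+"?([^\s"{]+)"?\s*\{')
    for m in pat.finditer(text):
        open_idx = m.end() - 1
        close_idx = _matching_brace(text, open_idx)
        yield m.group(1), text[open_idx + 1:close_idx]


def _resolve(entries, named, seen=frozenset()):
    """Expand a masters list body into (address, port) tuples.

    Entries that are not addresses are looked up in the named lists;
    `seen` guards against a list that refers to itself.
    """
    out = []
    for entry in entries.split(";"):
        tokens = entry.split()
        if not tokens:
            continue
        target = tokens[0]
        port = int(tokens[tokens.index("port") + 1]) if "port" in tokens else None
        if _ADDR.match(target):
            out.append((target, port))
        elif target in named and target not in seen:
            out.extend(_resolve(named[target], named, seen | {target}))
    return out


def slave_masters(conf_text):
    """Map each slave zone name to the list of (address, port) it pulls from."""
    text = _strip_comments(conf_text)
    named = dict(_blocks(text, "masters"))
    result = {}
    for zone_name, body in _blocks(text, "zone"):
        if not re.search(r"\btype\s+(slave|secondary)\s*;", body):
            continue
        m = re.search(r"\bmasters\s*\{", body)
        if not m:
            continue
        open_idx = m.end() - 1
        inner = body[open_idx + 1:_matching_brace(body, open_idx)]
        result[zone_name] = _resolve(inner, named)
    return result


def master_addresses(conf_text):
    """Sorted, de-duplicated master addresses revealed by the whole file."""
    return sorted({addr for hosts in slave_masters(conf_text).values() for addr, _ in hosts})


if __name__ == "__main__":
    for zone, hosts in slave_masters(SAMPLE_NAMED_CONF).items():
        print(zone, "<-", ", ".join(f"{a}:{p or 53}" for a, p in hosts))
```

Run against the constructed sample it reports 192.0.2.10 for example.com (reached through the named `hidden-master` list) and 192.0.2.11 plus 198.51.100.5 on port 5353 for example.net; the master zone is skipped. Pointing it at a real slave's /etc/named.conf needs only read access, which is the point of the thread: hiding the master from the public NS set does not hide it from anyone who already owns a slave.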