[cache poisoning][last bind version vulnerable][security mechanism]
Daniel Migault
daniel.migault at francetelecom.com
Wed Nov 16 09:34:08 UTC 2005
Hi,
I am pretty new in the Bind and security issues, and rigth now I am
looking at the DNS cache poisoning attack.
I used the dnsa program written by Pierre Betouin. We used BIND 9.3, and
found that this version is not vulnerable to cache poisoning attacks. So
my questions are :
1. Do you know BIND last version which is cache poisoning vulnerable?
2. What kind of mechanisms BIND use to counter this attack. Is-it not
caching "additional data" not related to the request, or is it something
else?
I looked at :
http://www.isc.org/index.pl?/sw/bind/bind-security.php
, but didn't find answers to my questions.
Regards,
Daniel
Daniel Migault
France Télécom R&D
Tel : + 33 (0)1 45 29 60 52
Tel : + 33 (0)6 70 72 69 58
More information about the bind-users
mailing list