On Thu, 11 Nov 1999, Brian Wellington wrote: > Caching-only servers are also vulnerable. The NXT record is no different > that any other DNS record in this case. If someone is able to make your > server fetch a maliciously-constructed NXT record, it will cause problems. > A query to a caching server will force the server to send a recursive > query, which makes the caching server vulnerable. All the more reason to define local IP ranges and restrict allow-query to those ranges only by default. AB
- No Subject Dennis Conrad
- No Subject Bruno Treguier
- No Subject Cristian Gafton
- No Subject Bill Nottingham
- No Subject Ejovi Nuwere
- No Subject Anonymous
- Re: your mail Brian Wellington
- Re: your mail Alan Brown
- Re: your mail Alain Thivillon
- No Subject David R. Conrad
- Re: CERT Advisory CA-99-14 Multiple Vulnerabil... Solar Designer
- Re: your mail Firstname Lastname
- No Subject Swen Persson
- No Subject Morris, Joseph L.
- No Subject Thomas Biege
- No Subject eAX [Teelicht]
- Re: KEN! security hole (was: -no subject-) Thorsten Claus
- No Subject Ben Li
