Hi, folks. As we all know, DNSSEC provides origin authentication and integrity assurance services for DNS data exchanged between DNS resolver and name-sever, while DNSSEC fails to give a means by which the DNS queries or responses transmitted between a host and a recursive server could be guaranteed integrity and authentication. For example, a malicious attacker might hijack the DNS query form a host and fake a response which will help he commit phishing. So I wonder, is there someone having a certain solution, more exactly a software implementation on host, to protect against such attack?
2009-04-23 m...@cnnic.cn
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop