On Thu, 6 May 1999, Sloan, Scott wrote:
> Would I run into a risk running Microsoft's DNS caching service on a
> Gauntlet NT firewall box? Would it be possible for someone to poison my
> cache? If so, what's the best configuration?
There was a report a couple weeks ago of the cache file being replaced on
an NT DNS - I have no idea what the exploit vector was. Cache poisoning
is always possible if the attacker can sniff a wire between you and
anything else; I don't know if NT's DNS is any better or worse than the
latest incantation of BIND. The NT port of BIND works well and has the
same behaviour as the Unix version, so you may be better off using that
to communicate with the rest of the planet. Binaries are available; see
http://www.navigist.com/Reference/Guides/BIND/ for more information.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
PSB#9280