On Mon, 4 Aug 2008 14:47:58 -0700, Edward Jaffe <[EMAIL PROTECTED]> wrote:
>Edward Jaffe wrote: > >According to CERT, IBM mainframes are still listed as "unknown": >... For what it's worth, an MVS name server configured as a caching / forwarding name server can be protected from a direct attack by having it listen on the loopback addr - 127.0.0.1. Then it can process resolution requests only from the local RESOLVER. >From what I've read over the last couple days it sounds like typical cache poisoning attacks involve a flood of requests (and bogus responses) from "the enemy". If you limit the requests to the local LPAR the enemy would have to also be on the local LPAR (and we all know that anything running on MVS is from an absolutely trustworthy source). This, of course, does not keep a local caching name server from caching bogus data received from a corrupted name server. I have no idea how much of this applies to other mainframe operating systems. Pat O'Keefe ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
