Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing

2007-04-18 Thread Matthew Dixon Cowles
[Bojan Zdrnja]
> I'm not sure what's the story with other DNS servers (djbdns, for
> example).

In regard to djbdns, I believe that that's answered at:

http://cr.yp.to/djbdns/dnscache.html

where it says:

dnscache does not cache (or pass along) records outside the
server's bailiwick; those records could be poisoned. Records for
foo.dom, for example, are accepted only from the root servers,
the dom servers, and the foo.dom servers.

Regards,
Matt
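
The bailiwick rule quoted above, sketched as an added example (not part of the original message and not dnscache's own code): a resolver keeps a record only if its owner name lies at or below the zone the answering server was asked about. The function names and the sample response are constructed for illustration.

```python
# Added illustration of a bailiwick filter; names and data are assumptions.

def labels(name):
    """Split a DNS name into lowercase labels; the root "." gives []."""
    name = name.rstrip(".").lower()
    return name.split(".") if name else []

def in_bailiwick(record_name, server_zone):
    """True if record_name is at or below server_zone.

    Comparison is label by label, so "evilfoo.dom" is not treated as
    being inside "foo.dom" the way a plain string-suffix test would.
    """
    rec, zone = labels(record_name), labels(server_zone)
    if len(zone) > len(rec):
        return False
    # The root zone (no labels) is an ancestor of every name.
    return len(zone) == 0 or rec[-len(zone):] == zone

def filter_response(server_zone, records):
    """Split (name, type, data) records into (accepted, rejected)."""
    accepted, rejected = [], []
    for rec in records:
        (accepted if in_bailiwick(rec[0], server_zone) else rejected).append(rec)
    return accepted, rejected

# Constructed response, as if received from a server for foo.dom.
SAMPLE_RESPONSE = [
    ("www.foo.dom.", "A", "192.0.2.10"),
    ("foo.dom.", "NS", "ns1.foo.dom."),
    ("ns1.foo.dom.", "A", "192.0.2.53"),
    ("www.bar.dom.", "A", "203.0.113.66"),  # sibling zone: out of bailiwick
    ("evilfoo.dom.", "A", "203.0.113.67"),  # shares a string suffix only
]

if __name__ == "__main__":
    for zone in ("foo.dom.", "dom.", "."):
        ok, dropped = filter_response(zone, SAMPLE_RESPONSE)
        print(f"from {zone!r}: keep {[r[0] for r in ok]}")
        print(f"{'':>{len(zone) + 8}}drop {[r[0] for r in dropped]}")
```
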



Re: Bind 8 bug experience

2002-11-16 Thread Matthew Dixon Cowles
> Three bugs in bind 4 and 8 were announced this morning, November 12.
> At least one has the possibility of arbitrary code execution

[. . .]

> I don't know of a similar incident when the known patches to such a
> serious problem were withheld by a software provider.

Speaking for myself, I never expected anything different. In my
experience, when security information is restricted, the people who
have it aren't particularly concerned about getting it to the people
who don't. More than a year and a half ago, when I saw ISC's message
indicating that security information about BIND would be withheld
from the public, I removed BIND from all my systems and installed
djbdns.

Particularly ironic in light of ISC's apparent delay in releasing
patches is this from the BIND Member Forum FAQ:

Q: So the bind-members Forum programme does not restrict or delay any 
   access to which the industry has become accustomed?
A: Right.

The documents referred to are archived at:

http://marc.theaimsgroup.com/?l=bind-announce&m=98097021832397
http://marc.theaimsgroup.com/?l=bind-announce&m=98126980802945

Regards,
Matt