Chris Adams wrote:
Once upon a time, Patrick W. Gilmore <[EMAIL PROTECTED]> said:
Depends on what you call "caching". Does honoring a TTL qualify as
caching?
What other kind of DNS caching is there?
There's an article on /. today about providers (apparently there are
quite a lot of them
> It would be very interesting to see the difference in DNS traffic for a
> domain if it sets TTL to let's say 600 seconds or 86400 seconds. This
> could perhaps be used as a metric in trying to figure out the impact of
> capping the TTL? Anyone know if anyone did this on a large domain and
Mikael Abrahamsson wrote:
On Mon, 18 Apr 2005, Jason Frisvold wrote:
Is it possible to "prevent" poisoning attacks? Is it beneficial, or
even possible, to prevent TTL's from being an excessively high value?
It would be very interesting to see the difference in DNS traffic
for a domain if it
On Monday, 2005-04-18 at 22:08 ZE2, "Peter & Karin Dambier"
<[EMAIL PROTECTED]> wrote:
> Preventing poisoning attacks:
>
> I guess most attacks are against windows workstations.
I'm not sure what you mean by this. Cache poisoning applies to machines
that are doing caching. It can affect any
> Is it possible to "prevent" poisoning attacks? Is it beneficial, or
> even possible, to prevent TTL's from being an excessively high value?
>
> --
> Jason 'XenoPhage' Frisvold
> [EMAIL PROTECTED]
>
Preventing poisoning attacks:
I guess most attacks are against windows workstations.
1) Hid
On 4/18/05, Mikael Abrahamsson <[EMAIL PROTECTED]> wrote:
> It would be very interesting to see the difference in DNS traffic for a
> domain if it sets TTL to let's say 600 seconds or 86400 seconds. This
> could perhaps be used as a metric in trying to figure out the impact of
> capping the TTL
* Mikael Abrahamsson:
> If one had to repeat the cache poisoning every 10 minutes I guess life
> would be much harder than if you had to do it once every day?
Not necessarily, because every cache refresh is a new attack
opportunity. 8-)
* Jason Frisvold:
> I think this is more of a question of who to trust. Caching, in
> general, isn't a bad thing provided that TTL's are adhered to. If the
> poisoning attack were to inject a huge TTL value, then that would
> compromise that cache. (Note, I am no expert on dns poisoning, so I'
On Mon, Apr 18, 2005 at 03:05:55PM -0400, Jason Frisvold said something to the
effect of:
>
> On 4/18/05, Daniel Golding <[EMAIL PROTECTED]> wrote:
> >
> >
> > Aside from individual OS behavior, doesn't this seem like very bad advice?
>
> I think this is more of a question of who to trust. C
On Mon, 18 Apr 2005, Jason Frisvold wrote:
Is it possible to "prevent" poisoning attacks? Is it beneficial, or
even possible, to prevent TTL's from being an excessively high value?
It would be very interesting to see the difference in DNS traffic for a
domain if it sets TTL to let's say 600 s
On 4/18/05, Daniel Golding <[EMAIL PROTECTED]> wrote:
>
>
> Aside from individual OS behavior, doesn't this seem like very bad advice?
I think this is more of a question of who to trust. Caching, in
general, isn't a bad thing provided that TTL's are adhered to. If the
poisoning attack were to
Aside from individual OS behavior, doesn't this seem like very bad advice?
What sort of DNS cache poisoning attack could possibly work against a
workstation that has a caching resolver but no DNS server? If a hacker
really wished to do a name resolution attack against workstations, wouldn't
they
On Apr 18, 2005, at 2:02 PM, Chris Adams wrote:
Once upon a time, Patrick W. Gilmore <[EMAIL PROTECTED]> said:
Most desktop OSes do not re-query for the name again.
Don't confuse apps and OSes. If I run "lynx", it does a DNS lookup for
each connect (even when it is the same hostname).
I wasn't.
- Original Message -
From: "Chris Adams" <[EMAIL PROTECTED]>
To:
Sent: Monday, April 18, 2005 10:35 AM
Subject: Re: Jonathan Yarden @ TechRepublic: Disable DNS caching on
workstations
That's what most Unix/Linux/*BSD boxes do unless they are running a
local ca
Once upon a time, Patrick W. Gilmore <[EMAIL PROTECTED]> said:
> Most desktop OSes do not re-query for the name again.
Don't confuse apps and OSes. If I run "lynx", it does a DNS lookup for
each connect (even when it is the same hostname).
--
Chris Adams <[EMAIL PROTECTED]>
Systems and Network
- Original Message -
From: "Erik Amundson" <[EMAIL PROTECTED]>
To:
Sent: Monday, April 18, 2005 1:45 PM
Subject: RE: Jonathan Yarden @ TechRepublic: Disable DNS caching on
workstations
> Windows definitely caches DNS entries...but as far as I've seen, it do
On Apr 18, 2005, at 1:35 PM, Chris Adams wrote:
Can you imagine what would happen if every time anyone ever looked up
any hostname they sent out a DNS query?
That's what most Unix/Linux/*BSD boxes do unless they are running a
local caching name service of some time (BIND, nscd, etc.). I wasn't
act
-Original Message-
From: Chris Adams [mailto:[EMAIL PROTECTED]
Sent: Monday, April 18, 2005 12:35 PM
To: nanog@merit.edu
Subject: Re: Jonathan Yarden @ TechRepublic: Disable DNS caching on
workstations
Once upon a time, Patrick W. Gilmore <[EM
Once upon a time, Patrick W. Gilmore <[EMAIL PROTECTED]> said:
> Depends on what you call "caching". Does honoring a TTL qualify as
> caching?
What other kind of DNS caching is there?
> Can you imagine what would happen if every time anyone ever looked up
> any hostname they sent out a DNS
On Apr 18, 2005, at 11:45 AM, Jay R. Ashworth wrote:
Here we go again...
http://techrepublic.com.com/5100-10595-5657417.html?tag=nl.e044
My initial reaction is "why?" My followup reaction is "Well, most
workstations don't cache anyway, do they?"
Depends on what you call "caching". Does honoring a
Here we go again...
http://techrepublic.com.com/5100-10595-5657417.html?tag=nl.e044
My initial reaction is "why?" My followup reaction is "Well, most
workstations don't cache anyway, do they?"
Cheers,
-- jra
--
Jay R. Ashworth [EMAIL PROTECTED]
D