I'm going try to keep the signal to noise high. So I'm going to avoid
the point/counter point, especially since I agree with Rick.
I'm quite fond of ssh key pairs. They offer numerous advantages:
* very impractical to brute force
* reduce the exposure of whatever passwords you do use
* if a ser
Quoting Bill Broadley (b...@broadley.org):
What you said.
> * Authoritative only servers don't cache
Well, yeah, authoritative-ONLY servers would have no use for caching by
definition, as they aren't accepting data from elsewhere.
DNSSEC is definitely quite worthwhile. I just am mostly wary of
I've gave a talk a few DNSSEC and DKIM talks and run a few DNSSEC
protected domains. I was involved in getting UCD to finally go DNSSEC
which happened recently. I was (AFAIK) the first DNSSEC enabled domain
on campus. Ah, rats, for years I was the top hit on google for DNSSEC
and DKIM, but
Quoting Tony Cratz (cr...@hematite.com):
> > This prevents hackers from injecting false information (aka DNS cache
> > 'poisoning'), in an attempt to re-direct people trying to access a real
> > website to a fake, phishing or criminal site.
>
> I will attempt to answer you question by givin
On 09/16/2013 04:08 PM, Tony Cratz wrote:
> I will attempt to answer you question by giving a very high
> level overview.
I see I made a number of small mistakes which could have been
corrected if I would have read over my message before I hit
send.
Th
On 09/16/2013 01:13 PM, Brian Lavender wrote:
> How is it that attackers inject false information into DNS?
>
> https://wiki.sonic.net/wiki/DNSSEC
> This prevents hackers from injecting false information (aka DNS cache
> 'poisoning'), in an attempt to re-direct people trying to access a real
> web
How is it that attackers inject false information into DNS?
https://wiki.sonic.net/wiki/DNSSEC
This prevents hackers from injecting false information (aka DNS cache
'poisoning'), in an attempt to re-direct people trying to access a real
website to a fake, phishing or criminal site.
brian
--
Bria