Date: Sun, 27 Apr 1997 22:35:48 +0000 (GMT) From: The Code Warrior <jbowie@bsdnet.org> To: Warner Losh <imp@village.org> Cc: Dmitry Valdov <dv@kis.ru>, freebsd-security@freebsd.org Subject: Re: SNI-12: BIND Vulnerabilities and Solutions (fwd) Message-ID: <Pine.BSF.3.96.970427222630.417B-100000@utopia.nh.ultranet.com> In-Reply-To: <E0wLexe-0006zz-00@rover.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 27 Apr 1997, Warner Losh wrote:
> I have. There are some, but not a lot. I've been trying to plug them
> as I find them. Most of them have long ago been plugged.
As have I.
>
> And the name doesn't need to be spoofed either. You just need control
> over the in-addr.arpa domain for the IP numbers that you claim to be
> coming from for this attack to work.
I'm well aware of this just commented on it due to the nature of the
thread, wouldn't want to give any "impressionable" young children any
ideas. :) As always I thank you for your imput. Maybe coming up with a
kernel mod, using a new transport medium might be the answer. I mean if
you reinvent the packet medium I suppose you could eliminate this sort of
problem with better packet handling on the localhosts and / or routers.
Regardless though, It seems to me that you could just come up with a
version of named in which the server that the request is going to makes a
secondary request to an undisclosed ns verifying the authenticity of
the incoming packet. Any thoughts?
-Jon Bowie
SysAdmin / Consulting / TeenSysop
603-436-5698
jobe@insomnia.org jbowie@taco.net
jbowie@teensysop.org jbowie@eliteness.org
jbowie@bsdnet.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970427222630.417B-100000>