Date: Tue, 12 Nov 2002 19:10:32 -0500 (EST) From: Matt Piechota <piechota@argolis.org> To: Michael Carew <MichaelCarew@bytecraftsystems.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: ISS Security Advisory: Multiple Remote Vulnerabilities in BIND4 and BIND8 (fwd)] Message-ID: <20021112190402.T35102-100000@cithaeron.argolis.org> In-Reply-To: <07fe01c28aa7$5bdeba10$0d11000a@wscarewm>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 13 Nov 2002, Michael Carew wrote: > At least limiting it prevents someone setting up an authoritative server, > then making a query to that domain off your name server. > > They are then reliant on a legitimate client querying the server with the > malicious content, rather than them doing it themselves. > > Reducing the changes substantially I would imagine. Not as much as you'd think. If you use tcpwrappers and something like *.foo.edu, it'll do a reverse lookup to find out if a.b.c.d matches *.foo.edu. I think other things do at least reverse lookups as well (ie, so 'w' show what host I'm connecting from vs what IP). It's a little more difficult to have a reverse DNS domain, but not much. Besides, I think there's a few services that do a reverse then a forward to see if the names match. (I think I remember reading that) -- Matt Piechota To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021112190402.T35102-100000>