Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 27 Apr 1997 22:35:48 +0000 (GMT)
From:      The Code Warrior  <jbowie@bsdnet.org>
To:        Warner Losh <imp@village.org>
Cc:        Dmitry Valdov <dv@kis.ru>, freebsd-security@freebsd.org
Subject:   Re: SNI-12: BIND Vulnerabilities and Solutions (fwd) 
Message-ID:  <Pine.BSF.3.96.970427222630.417B-100000@utopia.nh.ultranet.com>
In-Reply-To: <E0wLexe-0006zz-00@rover.village.org>

next in thread | previous in thread | raw e-mail | index | archive | help


On Sun, 27 Apr 1997, Warner Losh wrote:

> I have.  There are some, but not a lot.  I've been trying to plug them
> as I find them.  Most of them have long ago been plugged.
	As have I.
> 
> And the name doesn't need to be spoofed either.  You just need control
> over the in-addr.arpa domain for the IP numbers that you claim to be
> coming from for this attack to work.

I'm well aware of this just commented on it due to the nature of the
thread, wouldn't want to give any "impressionable" young children any
ideas. :) As always I thank you for your imput.  Maybe coming up with a
kernel mod, using a new transport medium might be the answer.  I mean if
you reinvent the packet medium I suppose you could eliminate this sort of
problem with better packet handling on the localhosts and / or routers.
Regardless though, It seems to me that you could just come up with a
version of named in which the server that the request is going to makes a
secondary request to an undisclosed ns verifying the authenticity of
the incoming packet.  Any thoughts?

-Jon Bowie
SysAdmin / Consulting / TeenSysop
		603-436-5698
jobe@insomnia.org	jbowie@taco.net
jbowie@teensysop.org    jbowie@eliteness.org
                jbowie@bsdnet.org




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970427222630.417B-100000>