Re: [PLUG] IT: Dan Bernstein Confirms Security Flaw In Djbdns

Michael Bevilacqua on 5 Mar 2009 13:48:59 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] IT: Dan Bernstein Confirms Security Flaw In Djbdns

From: Michael Bevilacqua <michael@bevilacqua.us>

To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>

Subject: Re: [PLUG] IT: Dan Bernstein Confirms Security Flaw In Djbdns

Date: Thu, 5 Mar 2009 16:48:53 -0500

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

On Thu, Mar 5, 2009 at 4:07 PM, JP Vossen <jp@jpsdomain.org> wrote:

[1] http://securityandthe.net/2009/03/05/security-issue-in-djbdns-confirmed/
[2] http://en.wikipedia.org/wiki/DNS_cache_poisoning
[3] http://www.your.org/dnscache/djbdns.pdf
[4] http://marc.info/?l=djbdns&m=123554945710038
[5] http://twitter.com/dakami/status/1260880457

Also: http://article.gmane.org/gmane.network.djbdns/13864

Note that, with my presentations on DJBDNS, I have never suggested anyone use AXFRDNS for this very possibility (and it is noted in DJB's documentation as well). But wow, what an amazing find huh? That's some good security hacking.

--
Michael D. Bevilacqua
michael@bevilacqua.us

___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

References:

[PLUG] IT: Dan Bernstein Confirms Security Flaw In Djbdns
From: JP Vossen <jp@jpsdomain.org>

Prev by Date: Re: [PLUG] word docs with open office and web sites (slightly OT)

Next by Date: Re: [PLUG] word docs with open office and web sites (slightly OT)

Previous by thread: [PLUG] IT: Dan Bernstein Confirms Security Flaw In Djbdns

Next by thread: [PLUG] Need Help with Barcode Scanner

Index(es):

Date

Thread