[oclug] DNS cache poisoning: should we care?

Adrian Irving-Beer wisq-oclug at wisq.net
Thu Apr 7 22:13:54 EDT 2005


On Thu, Apr 07, 2005 at 07:21:55PM -0400, Bill Strosberg wrote:

> Certainly we should care.  Any time we are connecting to the
> Internet we stand a good chance of using one of these servers,
> unless you alway 100% control every environment you work in.

Or you run your own BIND server that talks directly to the root, and
your ISP lets you do this (which most do in my experience).

I agree it is an issue.  It's a non-issue for some of us, less of an
issue for expert users who can set up a caching nameserver, a bit
more of an issue[1] for newer Linux users, and a huge issue for
Windows users.


[1] A big issue mitigated by the fact that Linux trojans are rarer.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://tux.oclug.on.ca/pipermail/oclug/attachments/20050407/e201168d/attachment.bin


More information about the OCLUG mailing list