In message <fdf98a3e-6bdc-4d85-8826-b3b8dc6ec...@gmail.com>, George Herbert writes: > > On Nov 24, 2014, at 4:18 PM, Randy Epstein <na...@hostleasing.net> > wrote: > > > > Actually, he didnât hack its records either. He exploited a bug in > BIND. > > > ...returned a legit response plus a tacked-on glue record for > www.internic.net anytime you queried his nameserver, which he tricked > people into doing with mixtures of sending you mail, hitting open DNS > servers with queries for his domain, and another thing I still don't want > to talk about. > > > Paul was more widely quoted and knew his BIND vulnerability better; he > can always out-pedant me on this one.
More a protocol bug which lead to DNSSEC, which allows you to accept a answer from anywhere so long as it is signed and validates as secure, which most of you have yet to deploy. > I did get a few press quotes, though. > > Your fu is weak, Randyhopper. Train harder! ;-) > > George William Herbert > Sent from my iPhone -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
