This is probably overblown:
On Mon, 23 Sep 2024, Lars Kollstedt wrote:
[...]
since the discovery of the real name of text.example.com (if this is
requestable from unvalidated source IP addresses - almost any source IP
address in
the "internet" has to be considered unvalidated - since there is
On 23.09.24 10:23, I wrote:
The attacker just needs to send requests for text.example.com IN TXT with the
forged IP of the victim, and the victim will get your hundreds of TXT records
under this name from your server for each of them.
s/forged/faked/g
;-)
--
Lars Kollstedt
Telefon: +49 61
On 23.09.24 08:07, Peter Davies wrote:
*From: *"Nagesh Thati"
*To: *"bind-users"
*Sent: *Mon
On 23. 09. 24 8:07, Peter Davies wrote:
*Additional Information:*
- Zone File Structure: The zone file contains a high number of TXT
records, particularly for infrastructure asset IDs.
*Request for Assistance:*
1. _Understanding the Limit:_ Is there a configurable limit in BIND that
restricts
4 matches
Mail list logo
