If we talk about checking after suspected poisoning, my best idea is:
dump the cache, then flush the cache and do the lookups again and
compare to the cache-dump. Any difference is suspicious and should be
looked closer upon.
The cure is BTW also to flush the cache of the fake info.
Remember tha
On 25.10.10 16:39, The Doctor wrote:
> My question is how can you detect if a DSN / Domain name
> has been 'poisoned'?
quitye hard if it's already been done. You can see what it contains and
compare it with what is should contain, but you never know if the incorrect
data didn't come from misconfig
Zitat von The Doctor :
My question is how can you detect if a DSN / Domain name
has been 'poisoned'?
Compare what your cache deliver with results from other sites. To
prevent cache poison you might use DNSSEC if the zones which are
affected support it and at least use a recent Resolver wit
On 2010-10-26 00:39, The Doctor wrote:
> My question is how can you detect if a DSN / Domain name
> has been 'poisoned'?
By using DNSSEC
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
My question is how can you detect if a DSN / Domain name
has been 'poisoned'?
--
Member - Liberal International This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca
God, Queen and country! Never Satan President Republic! Beware AntiChrist
rising!
http://twitter.com/rootnl2k http://www.facebook.com/
5 matches
Mail list logo
