Re: TLD servers with recursion was Re: Exploit for DNS Cache Poisoning- RELEASED

Gadi Evron wrote: On Thu, 24 Jul 2008, Martin Hannigan wrote: I personally know several folks from within and wayyy from outside the DNS world who discovered this very out there and obvious issue and worked hard to try and contact the operators. Those that haven't fixed it yet, likely won't if

Re: TLD servers with recursion was Re: Exploit for DNS Cache Poisoning- RELEASED

On Thu, 24 Jul 2008, Steve Bertrand wrote: Gadi Evron wrote: On Thu, 24 Jul 2008, Martin Hannigan wrote: I personally know several folks from within and wayyy from outside the DNS world who discovered this very out there and obvious issue and worked hard to try and contact the operators. Thos

Re: TLD servers with recursion was Re: Exploit for DNS Cache Poisoning -

[EMAIL PROTECTED] (Simon Waters) writes: > The advice NOT to allow recursion on TLD servers is well over a decade old. it's not just advice, really. on the mailing list that's a little like this one except that unlike this one it's meant for DNS operations issues, i said

Re: TLD servers with recursion was Re: Exploit for DNS Cache Poisoning- RELEASED

On Thu, 24 Jul 2008 15:50:15 - "Martin Hannigan" <[EMAIL PROTECTED]> wrote: > > I don't know that a failure to act immediately is indicative of > ignoring the problem. Not to defend AT&T or any other provider, but > it's not as simple as rolling out a patch. > Right. What scares me is all

RE: TLD servers with recursion was Re: Exploit for DNS Cache Poisoning- RELEASED

On Thu, 24 Jul 2008, Martin Hannigan wrote: I personally know several folks from within and wayyy from outside the DNS world who discovered this very out there and obvious issue and worked hard to try and contact the operators. Those that haven't fixed it yet, likely won't if all thing remain

RE: TLD servers with recursion was Re: Exploit for DNS Cache Poisoning- RELEASED

> > I personally know several folks from within and wayyy from outside the > DNS > world who discovered this very out there and obvious issue and worked > hard > to try and contact the operators. Those that haven't fixed it yet, > likely > won't if all thing remain even. > I don't know that a

Re: TLD servers with recursion was Re: Exploit for DNS Cache Poisoning - RELEASED

On Thu, 24 Jul 2008, Gadi Evron wrote: But sticking to the point, TLD servers should (under most circumstances) be Should NEVER, oops.

Re: TLD servers with recursion was Re: Exploit for DNS Cache Poisoning - RELEASED

On Thu, 24 Jul 2008, John Kristoff wrote: On Thu, 24 Jul 2008 10:06:25 +0100 Simon Waters <[EMAIL PROTECTED]> wrote: I checked last night, and noticed TLD servers for .VA and .MUSEUM are still offering recursion amongst a load of less popular top level domains. Indeed just under 10% of the aut

Re: TLD servers with recursion was Re: Exploit for DNS Cache Poisoning - RELEASED

On Thu, 24 Jul 2008 10:06:25 +0100 Simon Waters <[EMAIL PROTECTED]> wrote: > I checked last night, and noticed TLD servers for .VA and .MUSEUM are > still offering recursion amongst a load of less popular top level > domains. > > Indeed just under 10% of the authoritative name servers mentioned i