DNS spoofing - security problems...
From: Chris (chris23_at_ic-2000.com)
Date: 12/21/04
- Next message: Herb Martin: "Re: DNS spoofing - security problems..."
- Previous message: Herb Martin: "Re: Static DNS records hosted in AD/DDNS zone fall out"
- Next in thread: Herb Martin: "Re: DNS spoofing - security problems..."
- Reply: Herb Martin: "Re: DNS spoofing - security problems..."
- Reply: Roger Abell: "Re: DNS spoofing - security problems..."
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 21 Dec 2004 12:50:42 -0500
This morning on of our DNS servers started responding to all requests with
the same IP address. The only exceptions were sites that the server was
authoritative for. I fixed it by clearing the cache, but I have to wonder
how this is happening. This server runs Windows 2000 dns and has the
"secure cache against pollution" option set (and I confirmed it in the
registry).
I contacted Microsoft and they had no idea what might be happening. They
thought that one of the root servers may have been compromised. I find this
hard to believe however. I found this link on the web:
http://www.atsnn.com/story/105049.html which describes a similar situation.
It appears that this has occured to others over the last few weeks, and any
root server problems probably would have been dealt with.
Has anyone seen this before. It seems like a vulnerability that has not yet
been addressed. However, maybe its just a vulnerability in DNS in general.
Any thoughts?
- Next message: Herb Martin: "Re: DNS spoofing - security problems..."
- Previous message: Herb Martin: "Re: Static DNS records hosted in AD/DDNS zone fall out"
- Next in thread: Herb Martin: "Re: DNS spoofing - security problems..."
- Reply: Herb Martin: "Re: DNS spoofing - security problems..."
- Reply: Roger Abell: "Re: DNS spoofing - security problems..."
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
