25 Jul 19:23
Re: DNS Attacks
Les Mikesell <lesmikesell <at> gmail.com>
2008-07-25 17:23:39 GMT
bruce wrote:
> As I understand the issue. The issue is one of being able to poison the DNS
> app on the DNS server. There's not really much the casual user can do, aside
> from switching to another DNS/IP address that's safe. But the rub is, do you
> really know if the DNS/IP you're switching to is safe!
If you are really paranoid (or about to do large transactions on what
you hope is your banking site), you could do a 'whois' lookup for the
target domain to find their own name servers and send a query directly
there for the target site.
> The best approach would probably be a system to allow you to poll a few DNS
> servers, and to take the returned IP address that comes back from the most
> of them as the "correct" IP address!! But this isn't implemented anywhere as
> far as I know....
dig @dns_server target_name
will send a query to a specified DNS resolver. Most public-facing
servers will only resolve the names of their own zones, especially now.
I think the current vulnerability only involves cached addresses for
which the server is not primary or secondary.
--
Les Mikesell
lesmikesell <at> gmail.com
--
fedora-list mailing list
fedora-list <at> redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
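
Added example, not part of either message above: a sketch of the "poll a few DNS servers and take the majority" idea from the quoted text, built on the dig @dns_server form from the reply. The function names and the resolver addresses passed by the caller are assumptions of the example. Names served through CDNs or geographic load balancing can legitimately return different addresses per resolver, so a DISAGREE result is a reason to check further, not proof of poisoning.

```shell
#!/bin/sh
# Cross-check one name against several resolvers and vote on the answer.

# query_resolver SERVER NAME
# Prints the sorted set of A records as one comma-separated token,
# or FAIL when the resolver returned no usable address.
query_resolver() {
    ans=$(dig +short +time=2 +tries=1 "@$1" "$2" A 2>/dev/null \
          | grep -E '^[0-9]+(\.[0-9]+){3}$' | sort -u | paste -sd, -)
    echo "${ans:-FAIL}"
}

# majority_vote
# Reads "resolver answer" lines on stdin. Prints:
#   OK <answer>        a strict majority of responding resolvers agree
#   DISAGREE <n>/<t>   the largest group is only n of t responders
#   NODATA             no resolver responded
majority_vote() {
    awk '
        $2 != "FAIL" { count[$2]++; total++ }
        END {
            if (total == 0) { print "NODATA"; exit }
            for (a in count) if (count[a] > max) { max = count[a]; best = a }
            if (max * 2 > total) print "OK " best
            else print "DISAGREE " max "/" total
        }'
}

# check_name NAME SERVER...
# Polls every listed resolver for NAME, then votes. Example call with
# placeholder resolver addresses (substitute resolvers you actually use):
#   check_name www.example.com 192.0.2.53 198.51.100.53 203.0.113.53
check_name() {
    name=$1; shift
    for s in "$@"; do
        echo "$s $(query_resolver "$s" "$name")"
    done | majority_vote
}

# Constructed sample (documentation addresses, not real resolver output):
# two resolvers agree, one differs, one timed out.
sample_votes() {
    printf '%s\n' 'resolverA 192.0.2.10' 'resolverB 192.0.2.10' \
                  'resolverC 203.0.113.66' 'resolverD FAIL'
}
sample_votes | majority_vote    # prints: OK 192.0.2.10
```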