i'm hearing reports of new DNS cache corruption

Paul Vixie paul at vix.com
Fri Jul 2 16:38:38 UTC 1999


one person's caching name server had been told that www.networksolutions.com's
"A" record was that of ICANN's web server.  the last person who did this sort
of thing spent time in jail for it, so i'm not expecting anyone to claim credit
publically this time.  the current work is either a dark and stupid joke, or
an attempt to discredit ICANN, or an attempt to prompt earlier deployment of
DNSSEC.  (while we plugged the particular hole used by eugene kashpureff a few
years ago, it is widely known that DNS cannot be made secure from this kind of
attack without new technology like DNSSEC.)

if anyone who has a corrupted BIND server would dump its cache and send me the
IP address that the corrupt A RR came from, i'd appreciate it (and i'll share
it with CERT and the FBI.)


More information about the bind-users mailing list