An Idea
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Tue Feb 4 20:07:33 UTC 2003
[ADM]RS <RS at georgeland.co.uk> wrote:
> I saw this idea floating around the Internet, and I just to start a debate
> and get people's view wondered what people thought :
> There's seemingly a new breed of ratware out there that targets the MX
> servers in reverse order (highest number first). There's nothing in
> the RFCs to state that the same MX may not appear twice (unless anyone
> knows different), so some measure of protection may be had by changing
> the current MX records:
> | georgeland.co.uk MX (Mail Exchanger) Priority: 5 inmail1.cableinet.co.uk
> | georgeland.co.uk MX (Mail Exchanger) Priority: 10 mail2.cableinet.net
> to:
> | georgeland.co.uk MX (Mail Exchanger) Priority: 5 inmail1.cableinet.co.uk
> | georgeland.co.uk MX (Mail Exchanger) Priority: 10 mail2.cableinet.net
> | georgeland.co.uk MX (Mail Exchanger) Priority: 15
> inmail1.cableinet.co.uk
> That way the backup MX would be a backup from *either* direction (as
> it were), and less likely to be hit in any future attack.
2 questions :
1/ what "ratware" is this ?
2/ why on earth should one help a faulty implementation by introducing a phony RR ?
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list