DNS attacks
Kevin Darcy
kcd at chrysler.com
Fri Jul 25 23:46:55 UTC 2008
I don't know that it would be appropriate for me to say any more than
that, since the details of the exploit have not yet been "officially"
disclosed.
- Kevin
Michael Varre wrote:
> Sorry I meant to reply to all. What is the attack profile for this?
>
>
>
> On 7/25/08, Kevin Darcy <kcd at chrysler.com> wrote:
>
>> Wolfgang S. Rupprecht wrote:
>>
>>> James Kosin posted a message on the fedora mailing list that he is
>>> actually seeing DNS attack messages in his log files. The message is
>>> archived here:
>>>
>>> http://permalink.gmane.org/gmane.linux.redhat.fedora.general/306278
>>>
>>> Hopefully reports like this will get the folks to upgrade.
>>>
>>>
>> It's definitely a probe of some kind, but AFAICT a bunch of repeated
>> queries for a *small* number of names, isn't the attack profile
>> associated with the Kaminsky exploit.
>>
>> People should upgrade, of course. Even if the attacks aren't here yet,
>> it's only a matter of time...
>>
>> - Kevin
>>
>>
>>
>>
>
>
More information about the bind-users
mailing list