[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] DNS Cache Dan Kamikaze (Actual Exploit Discussion)
- To: "Paul Schmehl" <pschmehl_lists_nada@xxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] DNS Cache Dan Kamikaze (Actual Exploit Discussion)
- From: "Robert Holgstad" <rholgstad@xxxxxxxxx>
- Date: Tue, 15 Jul 2008 18:23:02 -0500
yes you better listen to Paul. He handles windows updates for a large
network and was the second person to subscribe to a list full of trolls.
On Tue, Jul 15, 2008 at 10:47 AM, Paul Schmehl <pschmehl_lists@xxxxxxxxx>
wrote:
> --On Tuesday, July 15, 2008 09:14:39 +1000 Mark Andrews <
> Mark_Andrews@xxxxxxx>
> wrote:
> >
> > And the best solution to this attack is to deploy DNSSEC.
> > You don't care where the response comes from provide the
> > signatures are good.
> >
>
> Except that DNSSEC is going to have to improve dramatically to achieve
> widespread adoption. Right now it's a PITA to understand and implement and
> then 30 days later you have to do it all over again. Frankly, it's not
> worth
> the effort until the technology improves enough to make it easier to
> implement
> and maintain.
>
> I know you don't want to hear that, but that's the truth.
>
> --
> Paul Schmehl
> As if it wasn't already obvious,
> my opinions are my own and not
> those of my employer.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/