[nsp-sec] DNS Vuln... Here we go...
Ross, Jason
Jason.Ross at GlobalCrossing.com
Wed Jul 23 21:49:30 EDT 2008
whee.
on the upside, looking for RR's coming in with a TTL set to 31337 is likely a decent 'low hanging fruit' way to check for this being used against your stuff, since it's not a 'settable' option outside of changing the code. Which isn't to say that smarter miscreants won't change the code, but it's likely the bulk of the stupid crap coming in will be left to the default. (/me keeps the lovely pink glasses firmly in place ;-)
--
Jason
> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net [mailto:nsp-security-
> bounces at puck.nether.net] On Behalf Of White, Gerard
> Sent: Wednesday, July 23, 2008 8:47 PM
> To: nsp-security at puck.nether.net
> Subject: [nsp-sec] DNS Vuln... Here we go...
>
> ----------- nsp-security Confidential --------
>
> Greetings.
>
>
>
> Now the fun begins...
>
>
>
> http://www.caughq.org/exploits/CAU-EX-2008-0002.txt
>
>
>
>
>
> GW
>
> 855 - Bell Aliant
>
>
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-
> security
> community. Confidentiality is essential for effective Internet
> security counter-measures.
> _______________________________________________
More information about the nsp-security
mailing list