[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Multiple DNS implementations vulnerable to cache poisoning

Subject: Multiple DNS implementations vulnerable to cache poisoning
From: ml at t-b-o-h.net (Tuc at T-B-O-H.NET)
Date: Fri, 11 Jul 2008 10:58:01 -0400 (EDT)
In-reply-to: <[email protected]>

> Reading through the JavaScript that drives <http://www.doxpara.com/>,
> it appears to be pretty easy to write a non-AJAX client to query Dan's
> service.  I threw one together in perl, named "noclicky", that allows you
> to use Dan's service against any nameserver specified on the command line.
> You can download a copy from <http://michael.toren.net/code/noclicky/>.
>
	It looks like Dan changed what it returns, and noclicky 1.00 gets
confused. You can fix this, atleast until MCT comes out with a new version,
by putting :

my $date = shift @data;

	before the line :

print "Requests seen for $domain:\n";


			Tuc/TBOH

Follow-Ups:
- Multiple DNS implementations vulnerable to cache poisoning
  - From: chort at smtps.net (Brian Keefer)

References:
- Multiple DNS implementations vulnerable to cache poisoning
  - From: mct at toren.net (Michael C. Toren)

Prev by Date: BGP Update Report
Next by Date: Weekly Routing Table Report
Previous by thread: Multiple DNS implementations vulnerable to cache poisoning
Next by thread: Multiple DNS implementations vulnerable to cache poisoning
Index(es):
- Date
- Thread