[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

DNS Attacks

Subject: DNS Attacks
From: ken.gilmour at gmail.com (Ken Gilmour)
Date: Sun, 19 Feb 2012 11:59:37 +0100
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]>

On Feb 18, 2012 10:24 PM, "Robert Bonomi" <bonomi at mail.r-bonomi.com> wrote:
>
> Even better, nat to a 'bogon' DNS server -- one that -- regardless of the
> query -- returns the address of a dedicated machine on your network set up
> especially for this purpose.

What happens when the client sends a POST from a cached page on the end
user's machine? E.g. if they post login credentials. Of course, they'll get
the error page, but then you have confidential data in your logs and now
you have to protect highly confidential info, at least if you're in europe.

Follow-Ups:
- DNS Attacks
  - From: patrick at ianai.net (Patrick W. Gilmore)
- DNS Attacks
  - From: bonomi at mail.r-bonomi.com (Robert Bonomi)
- DNS Attacks
  - From: mysidia at gmail.com (Jimmy Hess)

References:
- DNS Attacks
  - From: Joel.Snyder at Opus1.COM (Joel M Snyder)
- DNS Attacks
  - From: bonomi at mail.r-bonomi.com (Robert Bonomi)

Prev by Date: WW: Colo Vending Machine
Next by Date: DNS Attacks
Previous by thread: DNS Attacks
Next by thread: DNS Attacks
Index(es):
- Date
- Thread