From mboxrd@z Thu Jan 1 00:00:00 1970
Message-ID: <488D35A2.5080806@gmail.com>
Date: Sun, 27 Jul 2008 20:57:38 -0600
From: don bailey
User-Agent: Thunderbird 2.0.0.14 (X11/20080421)
MIME-Version: 1.0
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
References: <9a26ecb5639631b7d346a52c0c8e849d@quanstro.net>
In-Reply-To: <9a26ecb5639631b7d346a52c0c8e849d@quanstro.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [9fans] dns exploits (self-promotion remix)
Topicbox-Message-UUID: f2cd8cc2-ead3-11e9-9d60-3106f5b1d025

> i don't understand this
> 1. plan 9 never used a static source port for queries,
> and more importantly
>

Erm, sequential source ports are close enough.

> 2. who does recursive queries on external interfaces?
> i would have considered this a configuration error and
> security problem ten years ago.
>

Tell that to the rest of the internet. It's not that simple, either.
I am using recursive capability as an example of making an attack
extremely easy. I could also send you an e-mail with HTML that loads
images from a specific domain name. There are a million other vectors
that are just as predictable because of the luxury of web2.0. Recursive
queries obviously just make this simpler for the attacker.

D