From mboxrd@z Thu Jan 1 00:00:00 1970
Message-ID: <7c6217a4006705fe32b6000c4d2d6c03@quanstro.net>
To: 9fans@9fans.net
From: erik quanstrom
Date: Sun, 27 Jul 2008 09:18:53 -0400
In-Reply-To: <261342.6156.qm@web27004.mail.ukl.yahoo.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Subject: [9fans] dns exploits (self-promotion remix)
Topicbox-Message-UUID: f246a054-ead3-11e9-9d60-3106f5b1d025

> i'm not a dns user (just the client side) on Plan9, is the server part vulnerable to the recent poisoning attacks?

i think the recent dns cache-poisoning vulnerability is more self promotion than substance. my friends at [dns operator] agree.

however, ndb/dns does use randomized query ids. you can use snoopy to verify this or you can read the source. (ndb/dnresolv.c/^queryns) so it is not vulnerable.

the other part of this promotion was selling dnssec. i'm not sold. see the five objections to dnssec in the second paragraph.
http://en.wikipedia.org/wiki/DNSSEC

next up, the exploit remix.

- erik
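
The check the message describes (looking at captured queries to see whether the query ids are randomized) can be sketched as follows. This is an added example, not part of the original message and not code from ndb/dns. It assumes the raw UDP payloads of outgoing queries have already been extracted from a capture; the function names, thresholds and sample ids are hypothetical and constructed for illustration.

```python
import struct

def build_query(qid, name="example.com"):
    """Constructed sample input: a minimal DNS A query with the given id."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def query_ids(payloads):
    """Extract the 16-bit id from each payload that is a DNS query (QR bit clear)."""
    ids = []
    for p in payloads:
        if len(p) < 12:          # shorter than a DNS header: skip
            continue
        qid, flags = struct.unpack("!HH", p[:4])
        if not flags & 0x8000:   # QR bit set means response: skip
            ids.append(qid)
    return ids

def looks_predictable(ids, max_step=16, threshold=0.5):
    """Heuristic (assumed thresholds): True when at least `threshold` of the
    consecutive id differences, taken modulo 65536, are repeats or small
    forward steps, as a counter would produce. A False result only rules out
    counter-like ids; it does not prove the generator is unpredictable."""
    if len(ids) < 2:
        raise ValueError("need at least two query ids")
    steps = [(b - a) & 0xFFFF for a, b in zip(ids, ids[1:])]
    small = sum(1 for s in steps if s <= max_step)
    return small / len(steps) >= threshold

# Constructed id sequences: one from a counter, one scattered over the id space.
COUNTER_IDS = list(range(0x1000, 0x100A))
SCATTERED_IDS = [0x9A3C, 0x11F0, 0xE7B2, 0x4D05, 0x6C88, 0x02A9, 0xB351, 0x7F1E]

if __name__ == "__main__":
    for label, ids in (("counter", COUNTER_IDS), ("scattered", SCATTERED_IDS)):
        capture = [build_query(i) for i in ids]
        print(label, "predictable:", looks_predictable(query_ids(capture)))
```
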