On Thu, 12 Nov 1998, John Fraizer wrote: > You weren't hacked. It was NetSol/InterNIC showing us just how lame they > are again by corrupting root servers. > > http://www.news.com/News/Item/0,4,28664,00.html?st.ne.fd.mdh The above is unrelated to the below, AFAIK. > At 11:47 AM 11/11/98 -0500, you wrote: > >Anyone running MS's DNS notice, overnite or so, their cache files > >(specifically the root name servers) replaced with a handful of entries for > >allegro.net ... ? The only thing that the Internic being idiots would have done, as far as I have any evidence of, is claim that .com domains do not exist. If your nameserver's cache was corrupted to think that allegro.net is authoritative for .com (or .), then that is NOT related. While I would need exact output from sample queries to the server to tell for sure, it would appear that, if what the poster above said is true, the software they are running is vulnerable to cache pollution, just like old versions of BIND are. This is quite bad, both because someone with malicious intent can do evil things and because there are an increasing number of accidental situations where people somehow misconfigure their servers to claim false authority. As always, upgrade to a current version of BIND 8.x. In theory, the latest 4.9 isn't vulnerable either but I don't trust it. If you are running software from some other vendor, contact them to ensure that it does not suffer from such problems.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:23:08 PDT