Probably many of you know this but...severe current cache poisoning
mankin at psg.com
Thu Apr 7 19:02:17 EDT 2005
Below is the highlight put on nanog today, but it's interesting to
go through the whole diary. Amy Friedlander and I were looking
at it earlier and she noticed a pointer that could get to dnssec
solutions under the subhead "Future of DNS"
Internet Storm Center:
"The InfoCon is currently set at yellow in response to
the DNS cache poisoning issues that we have been reporting
on for the last several days. We originally went to yellow
because we were uncertain of the mechanisms that allowed
seemingly "secure" systems to be vulnerable to this issue.
Now that we have a better handle on the mechanisms, WE
WANT TO GET THE ATTENTION OF ISPs AND ANY OTHERS WHO RUN
DNS SERVERS THAT MAY ACT AS FORWARDS FOR DOWNSTREAM
Microsoft DNS SYSTEMS. If you are running BIND, please
consider updating to Version 9. Read on for more
There's also some press - Network World: "DNS Pharming
Attacks Target .com Domain"
More information about the Dnssec-deployment