In message <FDF98A3E-6BDC-4D85-8826-B3B8DC6EC725@gmail.com>, George Herbert writes:
On Nov 24, 2014, at 4:18 PM, Randy Epstein <nanog@hostleasing.net> wrote:
Actually, he didn’t hack its records either. He exploited a bug in BIND.
...returned a legit response plus a tacked-on glue record for www.internic.net anytime you queried his nameserver, which he tricked people into doing with mixtures of sending you mail, hitting open DNS servers with queries for his domain, and another thing I still don't want to talk about.
Paul was more widely quoted and knew his BIND vulnerability better; he can always out-pedant me on this one.
More a protocol bug which lead to DNSSEC, which allows you to accept a answer from anywhere so long as it is signed and validates as secure, which most of you have yet to deploy.
I did get a few press quotes, though.
Your fu is weak, Randyhopper. Train harder! ;-)
George William Herbert Sent from my iPhone
-- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org