17 Nov
2010
17 Nov
'10
6:43 a.m.
Man in the middle rewriting of DNS query responses is the only thing I can think of. On Wed, Nov 17, 2010 at 11:47 AM, Fred Baker <fred@cisco.com> wrote:
I have read the article and the list, and I'm puzzled. It's pretty clear that the root gets its records from a common source, and that the copies of them being delivered by a given root server were different. As a result, traffic intended to go place A went to place B if the TLD lookup happened to go to the particular root server in question. How did an instance of the root server find itself serving changed records? While there is no obvious indication of who made the change or for what reason, it's unlikely it was accidental.
-- Suresh Ramasubramanian (ops.lists@gmail.com)