Mail Archives: cygwin/2003/03/04/00:20:40
--=-a+wxAefNBCOc9+c+zG5i
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
On Mon, 2003-03-03 at 23:59, Randall R Schulz wrote:
> Geoffrey,
>=20
> Exactly what sneaky data can get sent in a DNS request?
>=20
> Oops. I mean what data can be sneakily sent via a DNS request.
>=20
> Oops. I mean what data can sneakily be sent via a DNS request.
>=20
> Randall Schulz
Actually, plenty. Historically, Bind has been easily hacked. Although
it's been a while since a good vulnerablity was found in Bind, that
doesn't mean there's not an unknown hole in it which could be exploited.
However, in order to exploit such a hole, the attacking system has to
be, in one way or another, "owned". Anybody with the presence of mind
to be running ZoneAlarm (or something similar) would certianly know if
there system(s) had been compromised in such a fashion.
>=20
{ snip }
--=20
David Means
Real programs don't eat cache.
--=-a+wxAefNBCOc9+c+zG5i
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEABECAAYFAj5kN5UACgkQUd0KwqAz4arR6QCePPiqHIyQZP3J+K6a9z6Ebi1P
L5UAnRXJ/lKVASRjdWxVxPVPsluQFR4+
=WPOZ
-----END PGP SIGNATURE-----
--=-a+wxAefNBCOc9+c+zG5i--
- Raw text -