DNS Attacks

Bruno Wolff III bruno at wolff.to
Fri Jul 25 19:06:54 UTC 2008

On Fri, Jul 25, 2008 at 10:02:57 -0700,
  bruce <bedouglas at earthlink.net> wrote:
> As I understand the issue. The issue is one of being able to poison the DNS
> app on the DNS server. There's not really much the casual user can do, aside
> from switching to another DNS/IP address that's safe. But the rub is, do you
> really know if the DNS/IP you're switching to is safe!
> The best approach, would probably be a system to allow you to poll a few DNS
> servers, and to take the returned ip address that comes back from the most
> of them as the "correct" ip address!! but this isn't implemented anywhere as
> far as i know....

You are better off running your own caching resolver than trying the above.

More information about the fedora-list mailing list