Mike Raiford wrote:
> I'm wondering if its at all possible to slip a poisoned entry into an 
> ISP's cache.

It used to be trivially easy.  DNS works over UDP, so a DNS server would 
send out a request for an address, and when the next server replied, it 
would go into the cache - no need to track requests vs replies. "Poisoning" 
just consisted of sending replies with bogus answers to servers that hadn't 
asked for them.

I don't know how they eliminated that problem.

-- 
   Darren New, San Diego CA, USA (PST)
   I ordered stamps from Zazzle that read "Place Stamp Here".

Post a reply to this message