RE: pharming.. dns cache insertion...

This is a discussion on RE: pharming.. dns cache insertion... within the Bind Users forums, part of the DNS and Related Forums category.


04-10-2005, Brad Knowles

At 2:45 PM -0700 2005-04-09, bruce wrote:

> if i am, then in theory, it appears to me that one could essentially build a
> reasonably accurate list of valid IP Addresses for a given URL... in order
> to maintain the accuracy, one would have to continually 'build/maintain' the
> list, but it seems that it could be done.. am i missing something?


No, it couldn't be done, because you can't generate the same
queries from all possible different locations in the Internet. Since
the answers you get could be different for any given query source,
you have to query from all possible sources. Of course, then you'd
have to start all over again, because the load-balancing answers for
a given query source might have changed.

> also, if i get an IP Address for a given URL, how do you determine if it's
> really valid?


Depends on what you mean by "really valid". Without DNSSEC and
strong cryptographic signatures on DNS data, the best possible answer
you can get will still be pretty weak.

> would you have to go back to the authoritative DNS to see if
> the IP is valid.


That's assuming that there isn't someone sitting between you and
them, watching all your queries and generating whatever answers they
want you to see. That's assuming that your own cache isn't
poisoned/polluted with respect to the IP addresses of the
authoritative nameservers. That's assuming that the authoritative
nameservers are correctly configured and handing out correct data.

That's assuming a lot of things.

> is there a list somewhere for a URL of the valid IP
> Addresses for that URL?


In the context of DNS, URLs don't exist. There are domain names,
and host names, and various different types of records associated
with host and domain names, but there are no "URLs".

URLs are something that is constructed based on a host or domain
name, with some additional information added (such as what protocol
or port would be used to connect to the service, etc...).

--
Brad Knowles, <brad@stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755

SAGE member since 1995. See <http://www.sage.org/> for more info.
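
An added example, not part of the original post: it parses DNS responses gathered from several vantage points and shows why differing A records alone cannot separate load balancing from tampering, with the DNSSEC AD flag as the only stronger signal. The messages, the host name www.example.com, the addresses and the verdict labels are constructed for illustration, and the AD flag is assumed to come from a validating resolver reached over a trusted path.

```python
import ipaddress
import struct

AD = 0x0020  # "Authentic Data" header flag, set by a DNSSEC-validating resolver

def build_response(name, addrs, ad=False):
    """Constructed sample data: minimal DNS response carrying A records."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    msg = struct.pack("!HHHHHH", 0x1234, 0x8180 | (AD if ad else 0), 1, len(addrs), 0, 0)
    msg += qname + struct.pack("!HH", 1, 1)          # question: type A, class IN
    for a in addrs:                                  # 0xC00C points back at the qname
        msg += struct.pack("!HHHIH", 0xC00C, 1, 1, 60, 4) + ipaddress.IPv4Address(a).packed
    return msg

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) name."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:      # compression pointer: two bytes, then done
            return off + 2
        if n == 0:                # root label terminates the name
            return off + 1
        off += 1 + n

def parse_response(msg):
    """Extract the AD flag and the set of A-record addresses."""
    _, flags, qd, an, _, _ = struct.unpack_from("!HHHHHH", msg, 0)
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4                # skip QTYPE and QCLASS
    addrs = set()
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10
        if (rtype, rclass, rdlen) == (1, 1, 4):      # A record, class IN
            addrs.add(str(ipaddress.IPv4Address(msg[off:off + 4])))
        off += rdlen
    return bool(flags & AD), addrs

def assess(responses):
    """Classify answers to one query collected from several vantage points."""
    parsed = [parse_response(m) for m in responses]
    if all(ad for ad, _ in parsed):
        return "validated"        # meaningful only if resolver and path are trusted
    if len({frozenset(a) for _, a in parsed}) == 1:
        return "consistent-unauthenticated"
    return "differing-unauthenticated"  # load balancing or tampering; cannot tell

# Constructed answers for the same name as seen from two query sources.
VIEW_A = build_response("www.example.com", ["192.0.2.10"])
VIEW_B = build_response("www.example.com", ["198.51.100.20"])
```

Even the "consistent-unauthenticated" result proves little: agreement between unsigned answers does not rule out the same forged data reaching every vantage point.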

