LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for July 2, 2009

RealtimeKit and the audio problem

VFAT patent avoidance and patent workarounds

LWN.net Weekly Edition for June 25, 2009

Apache attacked by a "slow loris"

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Cache poisoning vulnerability found in BIND

Cache poisoning vulnerability found in BIND

Posted Jul 31, 2007 11:26 UTC (Tue) by cortana (subscriber, #24596)
In reply to: Cache poisoning vulnerability found in BIND by tialaramex
Parent article: Cache poisoning vulnerability found in BIND

... lots of sites that are concerned about snooping, but not about impersonation, use SSL with certificates that are self-signed (or signed by an unknown CA) to avoid the high cost of a "real" SSL certificate.

But the assurance that one is not being snooped strictly requires the assurance that one is not being impersonated.

(Log in to post comments)

Cache poisoning vulnerability found in BIND

Posted Jul 31, 2007 16:02 UTC (Tue) by zlynx (subscriber, #2285) [Link]

Using a self-signed SSL cert still raises the bar considerably. Especially if you immediately save it in your cert DB. Just like using SSH and saving the remote system key for the first time.

Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds