LWN.net Logo

Advertisement

TrustCommerce

E-Commerce & credit card processing - the Open Source way!

Advertise here

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

LK2008: Embedded and Mobile Linux

LK2008: The values of the Linux community

LWN.net Weekly Edition for October 9, 2008

Plugging into GCC

LWN.net Weekly Edition for October 2, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Big solution based on faults with an insecure operating system

Big solution based on faults with an insecure operating system

Posted Feb 14, 2008 14:10 UTC (Thu) by nstraz (subscriber, #1592)
Parent article: DNS Inventor Warns of Next Big Threat (Dark Reading) 

I just don't seem to understand why this is needed at all.  IIRC, the DNS servers used for
resolving are set either by the user or the DHCP server.  Given that most people enter their
ISP's DNS servers, how are they using rogue DNS servers?  Let's assume that there aren't any
rogue DHCP servers on their networks.

The article states that viri are doing drive by reconfiguration of DNS servers on some
operating systems.  Shouldn't that be the focus and not adding more layers onto a working
system?  As one person notes, couldn't network admins force their users to use the local DNS
servers?  I'm already forced to use the network's SMTP server.

(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds