Oh goody. More term proliferation. Now we have DNS cache-poisoning referred to as 'pharming'. When will people realize that this sort of thing just makes it harder for people (particularly the innexperienced) to do Web searches for information they might need to secure their systems?

Nor do I completely understand Mr. Haugsness' comments about DNSsec. This wouldn't have been much of a problem if people would run BIND9, properly configured.

A succesful DNS attack means 'game over' in so _many_ arenas. Running it on Win, facing the cloud, just isn't a good move.

Of course this is a black eye for Symantec gateway products as well, but so many DNS solutions have had problems it's hard to beat them up about it too much. Look at earlier BINDs--arghh! And the Symantec software had a fix available.

Just one more argument for keeping systems updated. One of the _endless_ arguments.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/10841/31334#31334