[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DNS security and spoofing (Re: [cobalt-security] Anyone else get this error?)

Subject: Re: DNS security and spoofing (Re: [cobalt-security] Anyone else get this error?)
From: Eugene Crosser <crosser@xxxxxxxxxxx>
Date: 30 Dec 2002 19:39:20 +0300
Organization:
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Mon, 2002-12-30 at 19:14, E.B. Dreger wrote:

> The irony of what you suggest is that it requires DNS lookups for
> the PGP keyserver and the FTP site -- a chance for spoofing.

Not really.  That part of my the script only runs once, and can be
omitted alltogether.  Instead, you can (and probably should) download
the key by hand and check the fingerprint offline (e.g. call friends).

Eugene

Follow-Ups:
- Re: DNS security and spoofing (Re: [cobalt-security] Anyone else get this error?)
  - From: E.B. Dreger

References:
- Re: DNS security and spoofing (Re: [cobalt-security] Anyone else get this error?)
  - From: E.B. Dreger

Prev by Date: [cobalt-security] What does this DNS related message mean
Next by Date: Re: [cobalt-security] RE: was Anyone else get this error? [couldn't create pid file] **SOLVED** (revised)
Previous by thread: Re: DNS security and spoofing (Re: [cobalt-security] Anyone else get this error?)
Next by thread: Re: DNS security and spoofing (Re: [cobalt-security] Anyone else get this error?)

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index