[ga] What Could You Do With a Bogus Root Name Server?

["Jeffrey A. Williams" <jwkckid1@xxxxxxxxxxxxx>]

All,

  Back to Dr. Joes concern, kinda...

See:http://it.slashdot.org/article.pl?sid=08/05/19/1325214&tid=172
and
http://www.renesys.com/blog/2008/06/securing_the_root.shtml

Identity theft' of a root name server. To emphasize the issue of 
safeguarding such a system, they've now posted an explanation of 
exactly how the situation could be exploited. "It shouldn't be too 
hard to see that you could end up answering every DNS query from 
an organization that came to you for an updated list of root name 
servers. Every one. And you might end up doing this for a very
long time, especially if your answers were largely correct. An attack
like this would have no resemblance to the YouTube hijack, where the
entire planet gets a blank page and it's immediately apparent that
something isn't right. Obvious events like this will continue to occur,
and we'll continue to resolve them relatively quickly. But as this
incident demonstrates, DNS hijacks are far less obvious and potentially
far more harmful.

Regards,

Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
   Abraham Lincoln

"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@xxxxxxxxxxxxx
My Phone: 214-244-4827