Re: Security problems with SRV records


On 08/19/2011 02:05 PM, Alessandro Vesely wrote:

As well as they automate client setup, SRV records also automate cracking.


How is that?

Keep in mind that the net is small these days. The bruteforce kiddiessweep the entire IPv4 internet, and do it quickly. I set up a new publicbox the other day, it was swept during its first working day, and I'veheard stories of "rooted in x minutes" for scarily small values of x.

I venture to suggest that at the moment, sweeping the IPv4 net lookingfor open TCP ports is easier than sweeping the DNS looking for SRV records.


Arnt

<Prev in Thread]	Current Thread	[Next in Thread>
Security problems with SRV records, Alessandro Vesely Re: Security problems with SRV records, Arnt Gulbrandsen <= Re: Security problems with SRV records, Hector Santos Re: Security problems with SRV records, Alessandro Vesely Re: Security problems with SRV records, Arnt Gulbrandsen

Previous by Date:	Security problems with SRV records, Alessandro Vesely
Next by Date:	Re: Mail Data termination, Hector Santos
Previous by Thread:	Security problems with SRV records, Alessandro Vesely
Next by Thread:	Re: Security problems with SRV records, Hector Santos
Indexes:	[Date] [Thread] [Top] [All Lists]