[Top] [All Lists]

Re: Security problems with SRV records

2011-08-19 08:10:25

On 08/19/2011 02:05 PM, Alessandro Vesely wrote:
As well as they automate client setup, SRV records also automate cracking.

How is that?

Keep in mind that the net is small these days. The bruteforce kiddies sweep the entire IPv4 internet, and do it quickly. I set up a new public box the other day, it was swept during its first working day, and I've heard stories of "rooted in x minutes" for scarily small values of x.

I venture to suggest that at the moment, sweeping the IPv4 net looking for open TCP ports is easier than sweeping the DNS looking for SRV records.


<Prev in Thread] Current Thread [Next in Thread>