[exim] Re: Mitigation statement for CVE-2023-42119

Author: Kurt Jaeger
Date:
To: Johnnie W Adams
CC: exim-users
Subject: [exim] Re: Mitigation statement for CVE-2023-42119

Hi!

>      What I take from this mitigation statement--Use a trustworthy DNS
> resolver which is able to validate the data according to the DNS record
> types--is that if our DNS service is solid, we are not vulnerable. Is this
> accurate, or am I oversimplifying things? The mitigation statement from ZDI
> was much more ominous, but I'm still parsing "network-adjacent attackers".


As far as I know, there was not enough info in the ZDI report to
really have a reproducible test case. So we're all a little bit
in the dark.

See

https://lists.isc.org/pipermail/bind-users/2023-October/107997.html

and follow-ups for a few comments on the topic for bind.

-- 
pi@???            +49 171 3101372                    Now what ?

