Preety quickly in relative terms... DJB pointed out the vulnerability back in July 2001... that would be more than 7 years (http://cr.yp.to/djbdns/forgery-cost.txt).
\Lego On Mon, Aug 4, 2008 at 7:08 PM, Gerald Combs <[EMAIL PROTECTED]> wrote: > On Mon, 04 Aug 2008 11:29:54 +0200, Jaap Keuter <[EMAIL PROTECTED]> > wrote: >> That was talk about c-ares as replacement for adns. It came out on top of >> my >> preference list (further candidates: UDNS and posadis). I have had no > time >> to >> investigate this any further, let alone start design/implementation. > > It looks like the c-ares community reacted pretty quickly to the DNS > poisoning flaw discovered recently > (http://daniel.haxx.se/projects/c-ares/mail/c-ares-archive-2008-07/) while > the ADNS community hasn't (http://www.kb.cert.org/vuls/id/MIMG-7ECL5U). > This is probably a good hint that we should switch. > > _______________________________________________ > Wireshark-dev mailing list > [email protected] > https://wireshark.org/mailman/listinfo/wireshark-dev > -- This information is top security. When you have read it, destroy yourself. -- Marshall McLuhan _______________________________________________ Wireshark-dev mailing list [email protected] https://wireshark.org/mailman/listinfo/wireshark-dev
